NEWSPAPER 


IN  A  HURRY 

Hoping  for  a  high-end  boost,  EMC  details 
two  new  arrays  ahead  of  schedule.  pag|  6 
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yi  Paul  Glen’s  advice  column  debuts  with  answers  to 
MKr  your  thorniest  management  questions,  page  44 
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IS  COSTING  THE 
ECONOMY  BILLIONS 
4  OF  DOLLARS.  But 

some  companies  are 
trying  a  new  approach, 
called  application  life-cycle 
*  management,  to  exterminate  bugs 
throughout  the  development  process, 
not  just  at  the  end.  SEE  ‘UP  FROM  A 


LOW-QUALITY  QUAGMIRE,’  PAGE  23 


U.S.  IT  Wages  Inch  Up 
In  Tight  Labor  Market 


BY  THOMAS  HOFFMAN 

A  strengthening  U.S.  economy 
that’s  fueling  increased  IT 
spending  and  creating  a  tighter 
labor  market  has  led  to  mod¬ 
erate  pay  gains  for  technical 


workers  such  as  application 
developers  and  database  ad¬ 
ministrators,  according  to  new 
research  and  interviews  with 
IT  executives  last  week. 

“There  is  a  noticeable  wage 


increase”  for  technical  skills, 
said  David  Myers,  director  of 
project  management  at  Solo 
Cup  Co.  in  Highland  Park,  Ill. 

Myers  said  he  believes 
that  the  pay  gains  are  the  re¬ 
sult  of  a  general  rise  in  IT  cap¬ 
ital  spending,  which  has  re¬ 
sulted  in  more  projects  being 
launched  and  a  decreasing 
supply  of  available  domestic 
IT  labor.  In  addition,  Myers 
cited  rising  labor  costs  at  off¬ 
shore  IT  firms  as  a  factor. 

Other  IT  ex¬ 
ecutives  said 
they  also  have 
noticed  a  rise 
in  labor  costs 
within  the  U.S, 
IT  Wages, 
page  56 
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HEWLETT-PACKARD:  UNDER  THE  MICi&SCOPE 


HP  Plans  Cuts; 
User  Group 
Shuts  Doors 


Hurd  holds  off  on 
strategy  questions 


BY  PATRICK  THIBODEAU 
AND  MATT  HAMBLEN 

Mark  Hurd,  Hewlett- 
Packard  Co.’s  new  CEO, 
last  week  broke  the  rela¬ 
tive  silence  about  his 
plans  for  the  company,  an¬ 
nouncing  a  10%  workforce 
cut  and  the  merging  of 
HP’s  sales 
force  into 
its  major 
business 
units.  Left 
unanswered, 
though, 
were  ques¬ 
tions  about 
HP’s  strate¬ 
gic  direction. 

Hurd  and  other  HP  offi¬ 
cials  said  the  changes  will 
make  the  company’s  oper¬ 
ations  more  focused,  in¬ 
crease  its  internal  ac¬ 
countability  and  do  no 
harm  to  its  research  and 
development  efforts.  But 
the  lack  of  details  about 
HP’s  future  technology 
plans  left  users  such  as 
Rex  Dickey,  IT  director  at 
Columbia  Steel  Casting 

HP  Strategy,  page  16 


Interex,  HP  World 
hit  by  finance  woes 


BY  PATRICK  THIBODEAU 
AND  MATT  HAMBLEN 

The  end  of  the  100,000- 
member  Interex  user 
group  and  the  HP  World 
conference  it  was  due  to 
hold  in  August  arrived 
suddenly  last  week.  But 
the  organization’s  finan¬ 
cial  collapse  was  months 
in  the  making. 

Most  Interex  members, 
who  now  find  themselves 
without  an  educational, 
advocacy  and  support  out¬ 
let,  had  no  inkling  of  the 
problems  facing  the  31- 
year-old  user  group  follow¬ 
ing  Hewlett-Packard  Co.’s 
decision  to  launch  its  own 
conference  this  year. 

For  example,  Rita  Work- 
Interex,  page  14 
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Mr.  50,000  Global 
Remote  and  Mobile 
Users  Connected 
Without  a  VPN. 


NISSAN 


f  W'S 


"At  Nissan,  we  expect  to  save  at  least  $135  million  annually 
thanks  to  the  efficiencies  that  Windows  Server  2003  and 
Exchange  Server  2003  are  helping  us  achieve." 

Toshihiko  Suda 

Senior  Manager,  Nissan  Motor  Company,  Ltd. 


Make  a  name  for  yourself  with  Windows  Server  System. 

An  upgrade  to  Microsoft  Windows  Server  System 
made  it  possible  for  50,000  worldwide  employees 
at  Nissan  Motor  Company  to  have  more  secure 
remote  access  to  their  e-mail  and  calendars 
from  any  Internet  connection,  without  the  hassle 
and  expense  of  a  VPN.  Here's  how:  By  deploying 
Windows  Server  2003  and  Exchange  2003,  not  only 
did  Nissan  IT  meet  the  CEO's  demand  for  better  global 
collaboration,  they  expect  to  save  at  least  $135  million 
by  streamlining  their  messaging  infrastructure. 
To  get  the  full  Nissan  story  or  find  a  Microsoft 
Certified  Partner,  go  to  microsoft.com/wssystem 


Windows  Server  System™  includes: 


Windows  Server™ 


Virtual  Server 


SQL  Server 


Exchange  Server 


Office  SharePoint'  Portal  Server 


BizTalk '  Server 


Systems  Management  Server 
Microsoft1  Operations  Manager 


Internet  Security  &  Acceleration  Server 


Server  Platform 
Virtualization 

Data  Management  &  Analysis 

Communications 

Portals  &  Collaboration 

Integration 

Management 


Security 

Plus  other  software  products 


SAS  gives  Amazon.com 
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TO  KNOW 


how  to  provide  millions  of  customers  with  a 
large  selection,  low  prices  and  excellent  service. 


-  i  '  It  begins  with  your  first  visit  to  Amazon.com  and  continues  through  the  arrival  of  every  order.  The  unique 
,  A*  *  '  '  online  shopping  experience  you  deserve,  the  selection  you  demand  and  the  low  prices  that  keep  you  coming 

back  again  and  again.  SAS  is  proud  to  provide  the  business  intelligence  and  analytics  software  that  helps 
Amazon.com  keep  costs  low  —  and  pass  savings  on  to  its  customers  —  while  providing  excellent  service. 
To  learn  more  about  Amazon.com  and  other  SAS  success  stories  that  go  Beyond  Bl,  call  1  866  270  5740  or 
m visit  our  Web  site. 

www.sas.com/amazon 
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JEFF  BEZOS 

FOUNDER  AND  CEO,  AMAZON.COM 
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Health  Services 

In  the  Technology  section:  Health  care 
organizations  are  using  Web  services  to 
move  information  between  systems  and, 
ultimately,  improve  patient  care,  say  IT 
professionals  like  Furrukh  Khan  (left)  of 
the  Ohio  State  Medical  Center.  Page  26 


The  100-Year  Archive  Dilemma 

In  the  Management  section:  As  more  organizations  store 
more  data  longer,  a  key  issue  for  storage  specialists,  such 
as  Adam  Jansen  of  the  state  of  Washington,  is  how  to  re¬ 
trieve  that  data  in  10,  20  or  100  years,  when  data  formats, 
software  and  hardware  will  be  different.  The  IT  industry 
says  it’s  working  on  the  problem.  Page  39 
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6  EMC  moves  up  the  release 
of  two  high-end  Symmetrix 
arrays,  which  will  offer  as 
much  as  a  half-petabyte  of 
storage,  sources  say. 

6  IBM  realigns  its  Global  Ser¬ 
vices  unit  after  the  departure 
of  top  executive  John  Joyce. 

7  Several  Web  services  proj¬ 
ects  have  been  initiated  to  en¬ 
able  business-to-business 
transactions. 

7  Sprint  launches  an  assess¬ 
ment  service  to  gauge  com¬ 
panies’  mobile  technology 
needs  and  strategies. 

10  A  proposed  data-loss  bill 

draws  jeers  from  some  IT 
managers. 

10  Visa,  American  Express  cut 

ties  with  the  data  processing 
firm  that  exposed  as  many  as 
40  million  account  numbers 
this  past  spring. 

12  Global  Dispatches:  Several 
African  countries  are  looking 
for  business  process  outsourc¬ 
ing  dollars. 

12  Business  complaints  about 
Sarbanes-Oxley  are  “short¬ 
sighted,”  says  a  former  SEC 
chief. 

18  Q&A:  A  Microsoft  exec  talks 
about  the  company’s  plans  to 
sell  services  as  products. 

56  A  911  emergency  system  in 

Massachusetts  gets  a  restart 
after  a  software  glitch  resulted 
in  a  delayed  response  to  an 
emergency  call. 


23  Up  From  a  Low-Quality 
Quagmire.  Companies  are 
trying  to  exterminate  soft¬ 
ware  bugs  by  paying  more 
attention  to  the  entire  life 
cycle  of  each  application. 

32  Security  Manager’s  Journal: 
Getting  Started  on  Database 
Security.  C.J.  Kelly  takes  a 
look  at  the  security  of  her  em¬ 
ployer’s  information  assets 
and  realizes  the  application 
layer  is  the  weak  link. 

34  QuickStudy:  RATs.  Remote 
administration  Trojans  are 
pieces  of  malicious  software 
that  let  intruders  remotely 
control  computers  across 
a  network  or  through  the 
Internet. 

MANAGEMENT 

42  Farewell  to  Fiefdoms.  The 

Southern  Co.  was  ahead  of  its 
time  when  it  pioneered  an  IT 
shared-services  concept  10 
years  ago.  Today,  it’s  reaping 
the  benefits  on  the  bottom 
line  and  in  the  career  paths  of 
its  CIOs. 

44  Managers’  Forum:  Read  the 
debut  of  Paul  Glen’s  advice 
column,  in  which  he  answers 
readers’  questions  about  the 
art  and  craft  of  management. 
One  reader  asks  how  to  man¬ 
age  a  CIO  who  has  a  bad  case 
of  “rock-star-itis.” 

46  Career  Watch:  We  look  at  the 
hiring  prospects  for  tempo¬ 
rary  IT  workers.  Plus,  a  new 
study  reveals  a  bright  outlook 
for  hiring  in  the  third  quarter. 


8  On  the  Mark:  Mark  Hall  re¬ 
ports  on  new  tools  designed 
to  help  enforce  access  policies 
and  block  the  distribution  of 
sensitive  data  via  mobile  de¬ 
vices  that  move  in  and  out  of 
IT’s  control. 

20  Don  Tennant  looks  at  last 
week’s  events  involving  HP, 
Interex  and  HP  World  and  de¬ 
cides  that  it’s  even  more  criti¬ 
cal  for  HP’s  CEO  to  show  up  at 
the  company’s  user  conference. 

20  Dan  Gillmor  wonders  if  the 
Microsoft  antitrust  settlement 
led  Intel  to  believe  it  had  a 
free  pass  to  monopolistic  be¬ 
havior. 

21  David  Bowes  recalls  that  the 
best  IT  training  he  ever  got 
came  on  the  factory  floor. 

36  Mark  Willoughby  thinks  agile 
programming  may  represent 
a  disruptive  technology  for 
software  development. 

48  Stefan  Steurs  says  the  emerg¬ 
ing  global  village  brings  bene¬ 
fits  as  well  as  trauma,  but  only 
for  those  who  embrace  it. 

58  Frankly  Speaking:  Frank 
Hayes  doesn’t  buy  the  idea  that 
watching  how  slackers  misuse 
the  Internet  at  work  will  im¬ 
prove  worker  productivity. 
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From  the  Front  Lines  of 
An  Outsourcing  Deal 

IT  MANAGEMENT:  Gerardo  Estrada  made 
the  transition  from  Procter  &  Gamble  to 
Hewlett-Packard,  and  then  he  moved 
from  Mexico  to  Costa  Rica.  Based  on  those 
experiences,  he’s  got  some  advice  for  IT 
managers  overseeing  similar  transitions. 

O  QuickLink  55532 

Options  for  Modernizing 
Legacy  Systems 

DEVELOPMENT:  Joseph  Gentry  of  Software 
AG  explains  the  benefits  of  preserving  and 
extending  applications  instead  of  ripping 
and  replacing  them,  and  he  details  four  ways 

to  do  so.  O  QuickLink  55605 

Priceline  Turns  to  Utility  Storage 

STORAGE:  Priceline.com  CIO  Ron  Rose 
credits  his  flexible  storage  environment 
for  multiple  benefits,  including  high  avail¬ 
ability,  in  this  interview  with  Storage  Net¬ 
working  World  Online.  ©  QuickLink  a6710 

Secrets  of  Superspies 

WEBCAST:  In  this  video  presentation,  securi¬ 
ty  expert  and  author  Ira  Winkler  describes 
actual  acts  of  espionage,  including  those  that 
he  committed,  to  demonstrate  the  most  cost- 
effective  security  programs  for  large  organi¬ 
zations.  ©  QuickLink  a669Q 
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Throughout  each  issue  of 
Computerworld,  you'll 
see  five-digit  QuickLink  codes 
pointing  to  related  content  on 
our  Web  site.  Also,  at  the  end  of 
each  story,  a  QuickLink  to  that 
story  online  facilitates  sharing  it 
with  colleagues.  Just  enter  any 
of  those  codes  into  the  Quick¬ 
Link  box,  which  is  at  the  top  of 
every  page  on  our  site. 
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Microsoft  Buys 
E-mail  Managed 
Services  Firm . . . 

Microsoft  Corp.  has  agreed  to  ac¬ 
quire  FrontBridge  Technologies 
Inc.  in  an  effort  to  bolster  its  man¬ 
aged  services  and  messaging  se¬ 
curity  business.  FrontBridge  pro¬ 
vides  managed  services  for  e-mail 
security,  compliance  and  avail¬ 
ability.  The  160-employee  firm 
will  become  part  of  Microsoft’s 
Exchange  Server  group  when  the 
deal  closes,  likely  in  September. 
Terms  weren’t  disclosed. 


. . .  And  Is  Fueled  by 
Server,  Tool  Sales 

In  other  Microsoft  news,  the  com¬ 
pany  posted  solid  growth  for  its 
fiscal  2005  fourth  quarter,  high¬ 
lighted  by  sales  of  server  software 
and  development  tools. 


MICROSOFT  BY  THE  NUMBERS 


REVENUE  PROFIT 


IMi 

S10.16B 

KHi 

in 

13X9 

S9.29B 

S2.69B 

SAP  Profit,  Revenue 
Rise  on  ERP  Sales 

SAP  AG  reported  a  rise  in  net  in¬ 
come  and  revenue  for  the  second 
quarter,  driven  by  increased  sales 
of  its  ERP  software  in  Asia  and 
the  Americas. 


SAP  BY  THE  NUMBERS 


REVENUE  PROFIT 


Q2’05 

S2.44B 

S350M 

Q2’04 

S2.16B 

Short  Takes 


CHOICEPOINT  INC.  took  a  $6  mil¬ 
lion  second-quarter  charge  to 
cover  costs  related  to  the  theft 
of  the  personal  information  of 
145,000  consumers  earlier  this 
year. . . .  MICROSOFT  announced 
that  it  has  chosen  an  official 
name  for  its  upcoming  operating 
system,  code-named  Longhorn. 
The  new  name  is  Vista _ BUSI¬ 

NESS  OBJECTS  SA  has  agreed  to 
buy  performance  management 
software  maker  SRC  SOFTWARE 
INC.  for  S100  million  in  cash. 


Symmetrix  7  May  Get  Early  Launch 


EMC  arrays  to 
offer  up  to  half  a 
petabyte  of  storage 

BY  LUCAS  MEARIAN 

mc  corp.  today  will 
unveil  two  new  ver¬ 
sions  of  its  high-end 
Symmetrix  array  that 
will  more  than  triple  storage 
capacity,  quadruple  cache  and 
double  internal  and  external 
throughput  of  its  previous  of¬ 
ferings,  sources  said. 

The  arrays,  however,  aren’t 
expected  to  offer  virtualiza¬ 
tion  capabilities  or  the  ability 
to  combine  management  of 
Symmetrix  and  midrange 
Clariion  systems,  a  feature 
users  are  clamoring  for. 

The  seventh  generation 
of  Symmetrix,  or  Symm  7,  is 
nonetheless  expected  to  raise 
the  bar  in  the  storage  industry 
by  offering  up  to  half  a  peta¬ 
byte  of  storage  and  mirrored 
cache  for  up  to  1TB  of  memory. 

The  Symm  7  announcement 
comes  months  ahead  of  the 
expected  introduction  of  the 
arrays  this  fall. 

EMC  last  week  was  coy 


about  its  plans,  but  said  it 
would  make  “one  of  its  most 
important  announcements  for 
2005”  today. 

During  an  earnings  call  last 
Thursday,  Joe  Tucci,  CEO  of 
the  Hopkinton,  Mass.-based 
vendor,  said,  “My  marketing 
team  has  definitely  instructed 
me  to  not  tell  you  [today’s 
event]  will  be  for  the  launch 
of  Symm  7.” 

In  a  report  last  week,  Shebly 
Seyrafi,  an  analyst  at  Merrill 
Lynch  &  Co.,  said  the  new 
DMX  3500  and  4500  arrays  are 
expected  to  sport  4Gbit/sec. 
Fibre  Channel  ports  on  the 
front  end  and  internal  through¬ 
put  speeds  of  160GB/sec.  In 
comparison,  the  DMX  3000 
has  throughput  of  64GB/sec. 

According  to  the  report,  the 
DMX  3500  will  hold  up  1,440 
disk  drives  for  432TB  of  stor¬ 
age  capacity,  and  the  DMX 
4500  will  have  up  to  1,920 
drives  for  576TB  of  capacity. 

In  comparison,  the  DMX  3000 
has  a  capacity  of  172TB. 

John  Halamka,  CIO  at  Care- 
Group  Healthcare  System  in 
Boston,  said  he  expects  EMC  to 
develop  closer  links  between 


HI  expect 
everything 
to  be  faster,  bigger 
and  cheaper  as 
time  goes  on. 

LEV  KATZ,  DATA  CENTER  MANAGER, 
MiDAMERICA  BANK  FSB 

its  Symmetrix  and  Clariion 
products  over  the  long  term. 

Halamka  said  he  believes 
that  a  system  for  combined 
management  of  Symm  7  and 
Clariion  hardware  will  be 
based  on  future  upgrades  to 
both  the  storage  software 
management  platforms  and 
firmware-based  replication. 

It  isn’t  surprising  to  Halam¬ 
ka  that  Symm  7  doesn’t  in¬ 
clude  these  features.  “We  nev¬ 
er  expected  firmware  replica¬ 
tion  between  Clariion  and 
Symm  at  this  time,”  he  said. 
“We  would  expect  improve¬ 
ments  in  storage  management 
tools  to  evolve  under  a  new 
applications  framework”  that 
would  link  Symmetrix,  Clari¬ 
ion  and  third-party  arrays. 

Halamka  said  his  IT  team 
members  “favor  the  look  and 


feel  of  Clariion’s  Navisphere 
management  tools  versus 
Symmetrix’s  Control  Center.” 

Lev  Katz,  data  center  opera¬ 
tions  manager  at  MidAmerica 
Bank  FSB  in  Naperville,  Ill., 
said  he’s  looking  for  more 
Navisphere-like  functionality 
in  Control  Center  than  is  ex¬ 
pected  today. 

Katz,  who  uses  both  Sym¬ 
metrix  and  Clariion  arrays, 
said  more  hard-drive  space 
doesn’t  impress  him  because 
“I  expect  everything  to  be 
faster,  bigger  and  cheaper  as 
time  goes  on.” 

However,  he  said  the  mir¬ 
rored  cache  does  impress  him, 
“because  that’s  a  technology 
breakthrough”  for  EMC.  Katz 
wants  EMC,  first  and  fore¬ 
most,  to  improve  the  granular¬ 
ity  of  the  management  fea¬ 
tures  on  the  Symmetrix. 

Seyrafi  said  that  although 
EMC  has  been  emphasizing  its 
midrange  Clariion  line  and 
software,  the  high-end  Sym¬ 
metrix  array  and  related  soft¬ 
ware  and  services  still  repre¬ 
sent  EMC’s  “largest  revenue 
component,”  accounting  for 
40%  of  revenue.  ©  55736 


IBM  Services  Head  Leaves  Amid  Reorg 


Several  personnel 
moves  announced 


BY  STACY  COWLEY 

IBM  last  week  said  it  is  reor¬ 
ganizing  its  Global  Services 
business  and  has  chosen  a  pair 
of  executives  to  replace  the 
group’s  leader,  John  Joyce. 

Joyce,  a  30-year  veteran  of 
IBM  who  once  served  as  its 
chief  financial  officer,  is  joining 
Silver  Lake  Partners,  a  private 
technology  investment  firm. 

Taking  charge  of  IBM  Glob¬ 
al  Services  will  be  Ginni 
Rometty,  senior  vice  president 
of  enterprise  business  ser¬ 
vices,  and  Mike  Daniels, 
senior  vice  president  of  IT 
services.  The  two  will  report 
to  IBM  CEO  Sam  Palmisano. 

Charles  King,  an  analyst  at 


Pund-IT  Research  in  Hayward, 
Calif.,  said  the  dual  manage¬ 
ment  structure  makes  sense 
for  the  Global  Services  busi¬ 
ness,  which  he  called  a  “behe¬ 
moth  within  a  behemoth.” 

“I  think  the  idea  of  dividing 
it  into  disparate  organizations 
makes  a  good  deal  of  sense,” 
he  said. 

An  IBM  spokesman  said  the 
moves  were  not  made  in  re¬ 
sponse  to  problems  in  the  ser¬ 
vices  business.  Although  the 
unit  fell  short  of  expectations 
in  the  first  quarter,  it  appears 
to  have  righted  itself  since. 
Global  Services  boosted  its 
contracted  backlog  by  $3  bil¬ 
lion  year  over  year  in  the  sec¬ 
ond  quarter. 

The  spokesman  said  the  re¬ 
aligned  services  group  will  fo¬ 
cus  more  heavily  on  “high  val¬ 


ue”  skills,  like  those  in  the 
Business  Consulting  Services 
(BCS)  group  IBM  formed 
around  its  acquired  Price- 
waterhouseCoopers  Consult¬ 
ing  practice.  Rometty  previ¬ 
ously  ran  BCS. 

Daniels,  who  joins  Rometty 
at  the  helm  of  Global  Services, 
previously  ran  sales  for  IBM 
Americas.  He  will  be  replaced 
in  that  role  by  Marc  Lauten- 
bach,  who  was  general  manag¬ 
er  of  IBM’s  small-  and  mid- 
size-business  efforts. 

IBM’s  new  structure  also 
spotlights  executive  Bob  Mof¬ 
fat,  who  was  named  senior 
vice  president  of  integrated 
operations. 

At  the  same  time,  IBM  said 
that  Janet  Perna,  general  man¬ 
ager  of  the  information  man¬ 
agement  unit,  plans  to  retire 


after  more  than  two  decades 
with  the  company.  Her  job  will 
go  to  Ambuj  Goyal,  general 
manager  of  IBM’s  Workplace, 
Portal  and  collaboration  soft¬ 
ware  division. 

In  another  executive  move, 
IBM  promoted  Nicholas 
Donofrio  to  executive  vice 
president  of  technology  and 
innovation.  He  will  oversee  a 
number  of  areas,  including 
IBM’s  famed  research  group. 

Keeping  IBM  Global  Ser¬ 
vices  running  smoothly  is  a 
priority  for  the  company, 
which  has  reshaped  itself  in 
the  past  decade  around  the 
services  business.  Prudential 
Equity  Group  LLC  analyst 
Steve  Fortuna  praised  Global 
Services  as  a  gem  that’s  under- 
appreciated  by  Wall  Street. 
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Web  Services  Mature,  See 
More  B2B  Transaction  Use 


Companies  launch 
projects  to  link  to 
business  partners 

BY  HEATHER  HAVENSTEIN 

Buoyed  by  improved  technol¬ 
ogy  and  maturing  standards, 
many  IT  operations  are  ramp¬ 
ing  up  efforts  to  extend  the 
use  of  Web  services  from  ap¬ 
plication  integration  projects 
to  ones  involving  business-to- 
business  transactions. 

For  example,  Starwood  Ho¬ 
tels  &  Resorts  Worldwide  Inc., 
this  month  purchased  Web 
services  management  tools  in 
preparation  for  a  major  devel¬ 
opment  project  that’s  due  to 
begin  this  fall. 

Starwood  plans  to  move  its 
loyalty  business  application 


and  its  core  IT  system  —  a 
reservation  and  booking  en¬ 
gine  —  off  its  mainframe,  said 
Tom  Conophy,  chief  technolo¬ 
gy  officer  at  the  White  Plains, 
N.Y.-based  company. 

The  project  is  part  of  a 
4-year-old  effort  to  migrate 
from  mainframe-based  sys¬ 
tems  to  distributed  hardware 
running  Linux  and  Unix.  The 
new  IT  platform  will  include  a 
services  layer  to  expose  busi¬ 
ness  logic  to  Starwood’s  call 
centers  and  its  partners  in  the 
sales  channel  and  other  areas. 

By  March  2006,  Starwood 
plans  to  begin  moving  its  700 
hotels  to  the  new  reservation 
system  while  boosting  the 
number  of  Web  services  it  has 
in  production  from  60  to  150. 

Conophy  said  Starwood  will 


use  a  Web  services  broker  and 
a  centralized  control  console 
tool  from  Actional  Corp.  in 
Mountain  View,  Calif.,  to  re¬ 
place  homegrown  tools  cob¬ 
bled  together  two  years  ago. 

“We  wanted  better  automa¬ 
tion  to  track  performance  of 
services,  the  latency  of  ser¬ 
vices  and  to  tell  us  if  some¬ 
thing  is  outside  of  the  norm  so 
we  could  take  action  on  it,” 
Conophy  said. 

Savings  Anticipated 

Migrating  the  reservations  ap¬ 
plication  off  the  mainframe 
will  cost  between  $10  million 
and  $60  million,  Conophy 
said.  In  the  end,  however,  he 
expects  the  entire  mainframe 
migration  to  net  $10  million  to 
$20  million  in  annual  savings. 


WEB  SERVICES  SPREAD 


How  do  you  envision  using 
Web  services  within  your 
organization  in  the  next  year? 


Internal  application 
integration 

Integration  with  part¬ 
ners  and  customers 

Building  composite 
applications 

We  don’t  plan  to 
use  Web  services  in 
the  coming  year 

Other 


Base:  Survey  of  200  IT  and  business  managers 
Respondents  could  choose  all  that  applied. 


Stratus  Technologies  Inc., 
a  maker  of  fault-tolerant 
servers,  last  month  went  into 
production  with  a  Web  ser¬ 
vices  business-to-business 
system  that  replaced  its  pro¬ 
prietary  system  for  managing 
invoicing,  order  confirmation 


Sprint  Offers  to  Gauge  Mobile  Needs, 
Strategies  With  Assessment  Service 


Early  user  looks 
to  lower  costs, 
boost  IT’s  control 

BY  MATT  HAMBLEN 

Sprint  Corp.  today  will  launch 
a  service  through  which  it 
will  assess  companies’  mobile 
technology  needs  and  offer 
them  advice  on  managing 
handhelds,  cell  phones,  sup¬ 
porting  software  and  their 
wireless  service  plans. 

Sprint  will  price  its  Mobile 
Business  Assessment  (MBA) 
service  at  $50,000  to  $70,000 
for  engagements  that  last  four 
to  eight  weeks,  making  the 
commitment  far  less  expen¬ 
sive  than  full-fledged  profes¬ 
sional  services  contracts  are, 
said  Scott  Boehmer,  general 
manager  of  the  vendor’s  Mo¬ 
bile  Business  Solutions  unit. 

Sprint  will  be  agnostic 
about  wireless  products  and 
services,  Boehmer  said, 
promising  that  MBA  isn’t  de¬ 


signed  to  push  its  own  offer¬ 
ings.  The  vendor  will  send 
teams  of  consultants  into  com¬ 
panies  to  interview  employees 
and  analyze  mobile  installa¬ 
tions  and  corporate  policies.  It 
will  then  produce  reports  and 
provide  advice  on  developing 
long-term  mobile  strategies 
and  lowering  costs. 

Sprint  recently  finished  a 
pair  of  assessments  for  Carl¬ 
son  Companies  Inc.  at  a 
combined  cost  of  less  than 
$100,000,  said  Brian  Vik,  direc¬ 
tor  of  telephony  solutions  at 
the  Minneapolis-based  hospi¬ 
tality  and  travel  company.  The 
assessments  involved  inter¬ 
views  with  92  employees  in  15 
business  units,  plus  a  review 
of  mobility  policies  and 
monthly  expense  records. 

Vik  said  Sprint  found  that 
Carlson  was  spending  more 
than  $4  million  annually  on 
mobile  technology  and  ser¬ 
vices.  It  made  recommenda¬ 
tions  that  could  drive  those 


costs  down  by  35%  and  help 
Carlson  make  better  use  of 
mobile  technology,  he  added. 

“We  found  in  the  assess¬ 
ments  that  we  were  very  unor¬ 
ganized  with  our  wireless  ap¬ 
proach,  whether  it  be  using 
cell  phones  or  BlackBerries,” 
Vik  said.  He  noted  that  Carl¬ 
son’s  current  approach  is 
based  on  the  personal  prefer¬ 
ences  of  end  users  instead  of 
a  corporate  plan.  “We  need 
policies,”  he  said. 


H  We  found. . . 

that  we  were 
very  unorganized 
with  our  wireless 
approach,  whether  it 
be  using  cell  phones 
or  BlackBerries. 

BRIAN  VIK,  DIRECTOR.  TELEPHONY 
SOLUTIONS,  CARLSON  COMPANIES 


Carlson  hopes  to  implement 
Sprint’s  recommendations 
over  the  next  six  to  18  months. 
One  decision  already  made 
following  the  assessments  was 
to  name  an  executive  sponsor 
of  the  mobility  program.  Carl¬ 
son  chose  its  vice  president  of 
human  resources  to  handle 
the  chore  of  “sending  a  tough 
message”  that  all  mobile  de¬ 
vices  used  by  workers  need  to 
be  bought  and  controlled  by 
the  company,  Vik  said. 

Only  about  half  of  the  3,500 
or  so  devices  now  used  by 
Carlson’s  workers  are  owned 
by  the  company.  Going  for¬ 
ward,  if  an  employee’s  job  re¬ 
quires  a  device  such  as  a  smart 
phone  or  a  BlackBerry,  “we 
will  pay  [the  cost]  because  the 
function  requires  it,”  Vik  said. 

Sprint’s  program  is  unique 
among  network  carriers,  said 
Gene  Signorini,  an  analyst  at 
The  Yankee  Group  in  Boston. 
Signorini  said  Sprint  “has  to 
come  into  a  company  with  a 
technology-agnostic  approach 
or  they  won’t  have  credibility.” 
But,  he  added,  users  shouldn’t 
forget  that  MBA  “opens  up  the 
opportunity  for  Sprint  to  sell 
other  services.”  ©  55741 
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and  shipment  document  ex¬ 
changes  with  its  contract  man¬ 
ufacturers. 

Maynard,  Mass.-based  Stra¬ 
tus  used  an  enterprise  service 
bus  (ESB)  from  Waltham, 
Mass.-based  Cape  Clear  Soft¬ 
ware  Inc.  to  replace  a  messag¬ 
ing  system  that  directly  ex¬ 
changed  data  between  its  own 
ERP  system  and  those  of  its 
manufacturers. 

Cecelia  LeBlanc,  IS  manager 
at  Stratus,  said  the  company 
expects  the  ESB  to  lower 
maintenance  costs  by  70%  and 
boost  productivity  by  20%. 

Escaping  the  Enterprise 

Vendors,  meanwhile,  have 
been  enhancing  their  tools  to 
support  Web  services  outside 
the  enterprise. 

Earlier  this  month,  SOA 
Software  Inc.  in  Santa  Monica, 
Calif.,  announced  a  new  ver¬ 
sion  of  its  XML  VPN  Web  ser¬ 
vices  tool  set  that  added  sup¬ 
port  for  digitally  signing  mes¬ 
sages.  And  Oracle  Corp.  un¬ 
veiled  an  integrated  business 
process  platform  designed  to 
help  companies  secure  and 
manage  internal  or  external 
Web  services. 

Ron  Schmelzer,  an  analyst  at 
ZapThink  LLC  in  Waltham, 
Mass.,  said  the  use  of  Web  ser¬ 
vices  for  external  transactions 
is  reaching  a  tipping  point,  as 
vendors  beef  up  their  prod¬ 
ucts  to  address  critical  chal¬ 
lenges  such  as  services  or¬ 
chestration  and  security  based 
on  maturing  standards. 

Thomson  Learning,  a  pro¬ 
fessional  and  academic  testing 
company  in  Stamford,  Conn., 
has  Finished  a  project  under¬ 
taken  with  its  business  part¬ 
ners  to  develop  a  system  that 
uses  Web  services  to  schedule 
tests  and  transmit  scores. 

This  month,  the  company 
will  begin  working  on  a  sys¬ 
tem  to  manage  the  identity 
verification  process  in  its 
business-to-business  trans¬ 
actions.  The  goal  is  to  make  it 
possible  for  its  partners  to  eas¬ 
ily  pass  through  various  Web 
services  as  a  back-end  security 
token  server  automatically 
verifies  end-user  identities, 
said  Christopher  Crowhurst, 
Thomson  vice  president  and 
principal  architect.©  55733 
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Intel  Unveils  Pair  of 
Itanium  2  Chips 

Intel  Corp.  has  taken  the  wraps 
off  two  new  Itanium  2  processors 
that  should  tide  the  company  over 
until  the  expected  launch  of  its 
first  dual-core  Itanium  processor 
later  this  year.  Intel  said  that  it 
added  two  1.66-GHz  Itanium  2 
processors  that  are  notable  be¬ 
cause  they  each  have  a  667-MHz 
front-side  bus,  which  provides  a 
faster  link  between  the  CPU  and 
the  system’s  main  memory. 

IBM’s  Results 
Return  to  Form 

IBM  returned  to  financial  form  in 
the  second  quarter,  reporting  in¬ 
come  growth  and  solid  revenue 
after  scaring  financial  analysts  by 
falling  short  of  expectations  in  its 
first  quarter. 


IBM  BV  THE  NUMBERS 

REVENUE  If  PROFIT  | 

Q2’05 

IE&H! 

S1.83B 

Q2  ’04 

EIO 

S1.74B 

i2  Stock  Is  Back  on 
Nasdaq  Exchange 

After  a  two-year  hiatus,  shares  of 
i2  Technologies  Inc.  stock  can  be 
traded  on  the  Nasdaq  Stock  Mar¬ 
ket.  The  Dallas-based  vendor  said 
that  the  Nasdaq  Listing  Qualifica¬ 
tions  Panel  agreed  to  let  i2  com¬ 
mon  stock  return  to  the  exchange 
late  last  week.  New  York-based 
Nasdaq  began  delisting  efforts 
against  i2  in  late  March  2003. 
Since  May  2003,  i2  stock  has 
traded  on  the  National  Quotation 
Service  Bureau. 


Lucent  Profit  Down, 
But  Sales  Up  7% 

Lucent  Technologies  Inc.  reported 
a  decline  in  profit  for  its  third  fis¬ 
cal  quarter,  although  strong  sales 
of  third-generation  mobile  net¬ 
work  gear  helped  boost  revenue. 
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Don’t  Fall  Over 
The  Security  Cliff . . . 

...  on  your  network  edge.  With  PDAs,  smart  phones, 
USB  fobs,  laptops  and  other  portable  devices  attach¬ 
ing  to  and  detaching  from  your  network  at  will,  you 
need  to  heed  warnings  that  crucial  corporate  data 
might  slip  by  your  firewalls,  intrusion-detection 


systems  and  user 
authentication  proc¬ 
esses.  “IT  managers 
have  been  totally 
blindfolded  with  re¬ 
gard  to  the  security  of 
endpoints,”  argues  Gil 
Sever,  CEO  of  Safend 
Ltd.  in  Tel  Aviv.  In 
early  September,  the 
company  hopes  to 
remedy  part  of  the 
problem  with  its  new  Safend 
Protector  software.  The  tool 
includes  client-side  code  for 
Windows-based  systems  that 
enforces  device  access  poli¬ 
cies  at  the  corporate,  depart¬ 
mental  or  individual  level. 

For  example,  you  can  restrict 
a  laptop’s  ability  to  print  to 
different  printers  based  on  its 
location  or  serial  number.  Or 
you  can  allow  end  users  to 
read  from  USB  thumb  drives 
but  not  write  to  them.  When 
you  install  Protector  or 
change  access  policies,  you 
need  not  reboot  your  PCs, 
Sever  says.  Pricing  will  start 
at  $32  per  seat,  and  volume 
discounts  are  available. 

While  many  of  you  manage 


VAETH: 

Authenticate 
the  device  and 
its  user. 


mobile  workers 
whose  pockets  are 
stuffed  with  all  man¬ 
ner  of  messaging  and 
Web-ready  gadgets, 
some  of  you  oh-so- 
lucky  ones  get  to  sup¬ 
port  countless  con¬ 
sumers  accessing 
your  systems  with  an 
even  wider  array  of 
digital  devices.  How 
do  you  know  the  person  who 
just  downloaded  her  stock 
portfolio  to  a  Palm  device  is 
who  she  says  she  is?  A  static 
ID  and  password,  perhaps? 

Stu  Vaeth,  chief  security  offi¬ 
cer  at  Diversinet  Corp.  in 
Toronto,  thinks  that  isn’t 
enough.  His  company’s  Mobi- 
Secure  software  lets  you  dy¬ 
namically  provision  pass¬ 
words  to  mobile  devices  via 
soft  tokens.  The  tiny  app  runs 
on  BlackBerry,  Java,  Palm, 
Symbian  and  Windows  CE 
handhelds  and  is  accessed  via 
a  PIN.  It  calls  a  back-end  se¬ 
curity  application  to  verify 
the  device  so  the  user  can 
then  sign  in.  VeriSign  Inc. 
liked  MobiSecure  enough  to 


R00P: 

Protect 
yourself  from 
end  users. 


plan  field  tri¬ 
als  for  later 
this  summer 
with  the  in¬ 
tention  of 
rolling  out 
the  software 
in  the  fall  as 
part  of  its 
United  Au¬ 
thentication 
technology. 

Diversinet  also  hopes  to  sell 
MobiSecure  through  other 
vendors,  Vaeth  says. 

The  treacherous  network 
edge  is  made  even  scarier  by 
malicious  or  incompetent  end 
users  who  can  easily  access 
and  distribute  confidential  in¬ 
formation.  According  to  Steve 
Roop,  vice  president  of  mar¬ 
keting  at  Vontu  Inc.  in  San 
Francisco,  68  security  breach¬ 
es  had  been  made  public 
this  year  through  mid-July, 
prompted  partly  by  Califor¬ 
nia’s  data  breach  disclosure 
law.  Of  the  64  incidents  in 
which  the  source  of  the  data 
leak  has  been  identified, 

49%  were  caused  by  insiders, 
Roop  says.  He  claims  the 
Vontu  5.0  security  software 
suite,  which  is  due  to  ship  by 
the  end  of  September,  can 
vastly  reduce  your  chances  of 
getting  burned  by  your  end 
users.  A  new  module  called 
Vontu  Discover  crawls 
through  your  network  looking 
for  more  than  200  file  types 
that  may  contain  private  data. 
Roop  says  the  software  can 
take  a  “fingerprint”  of  infor¬ 
mation  you  want  to  secure  — 
customer  data,  source  code, 
chemical  formulas  —  and  look 
for  exact  matches  on  storage 
devices  throughout  a  global 
network.  Vontu’s  tools  then 
block  the  unauthorized  send¬ 
ing  of  such  data  via  e-mail, 


50M 

Number  of  individuals  affected 
by  corporate  data  losses  since 
Feb.  15,  according  to  Privacy 
Rights  Clearinghouse. 


FTP  or  other  means.  Pricing 
for  the  suite  will  start  at 
$100,000. 

Terminal-emulation 
market  is  not . . . 

...  in  terminal  condition.  So 

says  Zvi  Alon,  CEO  of  Net- 
Manage  Inc.  in  Cupertino, 
Calif.  Alon  continues  to  pock¬ 
et  cash  by  selling  3270,  5250 
and  other  hoary  terminal- 
emulation  programs.  “Com¬ 
panies  are  buying  them  in  the 
tens  of  thousands  all  the 
time,”  he  says.  That’s  because 
when  companies  upgrade 
their  desktop  machines,  they 
generally  need  new  software, 
including  terminal  emulators. 
The  so-called  webification  of 
Cobol-laden  mainframe  ap¬ 
plications  hasn’t  hurt  his 
business  a  bit,  Alon  says, 
claiming  that  barely  5%  of 
mainframe  apps  can  be  ac¬ 
cessed  by  a  browser.  NetMan- 
age  does  have  tools  to  help  IT 
migrate  mainframe  programs 
for  browser  access.  But  a  big¬ 
ger  market,  Alon  suggests,  is 
integrating  corporate  apps 
into  overall  business  process¬ 
es.  To  that  end,  he  hints  that 
by  year’s  end,  NetManage 
will  deliver  an  application- 
development  framework  that 
lets  programmers  use  scripts 
to  link  mainframe  and  non¬ 
mainframe  apps  in  business 
or  service  processes. 

Word  users  get  on 
the  XML  content . . . 

. . .  management  road  with  a 
free  patch  from  Astoria  Soft¬ 
ware  Inc.  in  San  Mateo,  Calif. 
An  update  to  Astoria  XML 
Content  Management  Plat¬ 
form  4.4  lets  Word  users 
check  documents  in  and  out 
of  the  vendor’s  content  repos¬ 
itory  and  follow  the  work- 
flows  of  documents.  Accord¬ 
ing  to  Joe  Eschbach,  Astoria’s 
vice  president  of  marketing, 
end  users  won’t  have  to  learn 
new  content-authoring  tools 
such  as  XML-ready  Frame- 
Maker  or  Epic.  The  patch 
ships  by  July  29.  ©  55695 
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Legendary  Reliability' 


Now  you  can  quickly  deploy  a 
standard-  or  high-density  site  of  any  size 
with  scalable,  top-tier  availability. 


Part 

Number 

Usable 

IT  Racks 

Average 
kW  per  Rack 

Price 
to  buy 

Price  to  lease 
(36  installments) 

ISXCR1SY1BK1BP5 

1 

up  to  5kW 

$1 4,999* 

$499" 

ISXT240MD6R 

6 

up  to  5kW 

$1 49,999* 

$4,999“ 

ISXT240MD11R 

11 

up  to  5kW 

s249,999* 

s7,999** 

ISXT280MD40R 

40 

up  to  5kW 

s699,999‘ 

s21,999” 

ISXT2800MD100R 

100 

up  to  5kW 

$1 ,649,999* 

$50,999** 

High  Density  Configuration  (shown  above/ 

ISXT280HD8R 

8 

up  to  lOkW 

$399,999* 

$1 2,999** 

All  multi-rack  configurations  feature: 

f  N+ 1  power  and  cooling 
if  Secure,  self-contained  environment 
if  Peak  capacity  of  20kW per  rack 
f  Enhanced  service  package 
f  Integrated  management  software 


High  density  upgrades  start  at  $1 0,999 
On-site  power  generation  options  start  at  $29,999 


BBHSHBBHEj 

Age 


InfraStruXure”  Manager 


Order  your  solution  today.  Call  888-289-APCC  x3438. 


Tan  Stop,  Ic  Soloing 
Cooling  Piobltm 
CouMd  by  High 
Sorvor  Doploym 


InfraStruXure "  can  be  purchased  as  a 
modular,  or  mobile  system 


Visit  today  and  receive  FREE  APC  White  Papers 

Visit  us  online  and  download  APC  White  Papers. 

Don't  see  the  configuration  you  need? 

Try  APC's  online  InfraStruXure”  BuildOut  Tool  today  and  build  your  own  solution. 

Go  to  http://promo.apc.com  and  enter  key  code  c919x.  Call  888-289-APCC  x3438  Legendary  Reliability* 

*  Prices  do  not  include  IT  equipment  and  are  subject  to  change.  **  Indicative  rates  are  subject  to  market  conditions  ***  Install  and  delivery  times  may  vary. 


Infrastructure 

DATA  CENTERS  ON  DEMAND 

Highly  available  and  manageable, 
quick-to-install,  scalable  architecture 
that  easily  supports  both  standard- 
and  high-density  applications. 

-  Up  to  20 kW  a  rack  for  any 
blade  server  application 

-  Unlimited  racks 

-  Ships  in  5  days*** 

-  Installs  in  1  day*** 

-  Optional  on-site  power 
generation 

-  Raised  floor  not  required 

-  Vendor  neutral  guaranteed 
compatibility 


P 


InfraStruXure"  BuildOut  Tool 


©2005  American  Power  Conversion  Corporation.  All  trademarks  are  the  property  of  their  owners.  E-mail:  esupport@apcc.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  ISX4D4EF-USC 
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EDS  Wins  S170M 
Medicaid  Pact 

The  state  of  Kentucky  awarded 
Electronic  Data  Systems  Corp.  a 
contract  valued  at  up  to  $170  mil¬ 
lion  to  implement  a  management 
information  system  for  Medicaid. 
The  agreement  also  calls  for  EDS 
to  update  and  operate  the  state’s 
legacy  Medicaid  system.  The  new 
system  will  be  based  on  EDS’s 
interchange  Health  System, 
which  is  also  running  in  Okla¬ 
homa,  Kansas  and  Pennsylvania. 


Strong  PC  Demand 
Fuels  Intel  Results 

Intel  Corp.  credited  stronger- 
than-expected  PC  demand  for  a 
solid  increase  in  second-quarter 
revenue  and  net  income. 
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IBM  Buys  Electronic 
Forms  Company 

IBM  has  agreed  to  buy  PureEdge 
Solutions  Inc.  for  an  undisclosed 
sum.  IBM  plans  to  integrate 
PureEdge’s  electronic  forms  tech¬ 
nology  into  its  Workplace  and 
Lotus  collaboration  products. 
Victoria,  British  Columbia-based 
PureEdge,  an  IBM  business  part¬ 
ner,  builds  XML-based  software 
that  can  customize  business  ap¬ 
plications  as  well  as  capture  and 
display  data  in  other  applications. 


Microsoft  Sues 
Google  Over  Hiring 

Microsoft  Corp.  has  filed  a  lawsuit 
against  Google  Inc.  over  its  hiring 
of  a  former  Microsoft  executive. 

In  a  complaint  filed  in  Superior 
Court  in  Washington,  Microsoft 
alleges  that  Kai-Fu  Lee,  who 
joined  Google  to  head  research 
and  development  efforts  in  China, 
is  violating  a  noncompetition 
agreement.  Until  last  week,  Lee 
was  corporate  vice  president  of 
Microsoft’s  Natural  Interactive 
Services  division. 


IT  Managers  Criticize 
Federal  Data-Loss  Bill 


Contend  lost  encrypted  data  need  not 
be  reported,  act  would  incur  expenses 


BY  LUCAS  MEARIAN 

HE  PROGRESS  of  a 
U.S.  Senate  bill  that 
would  require  com¬ 
panies  to  disclose 
any  compromise  of  sensitive 
data  was  slowed  last  week  to 
allow  for  more  input  from 
senators. 

Several  IT  managers  inter¬ 
viewed  last  week  criticized  the 
proposed  bill  because  it  calls 
on  companies  to  disclose  the 
loss  of  data  regardless  of 
whether  it’s  encrypted  —  and 
because  it  calls  for  fines  of  up 
to  $11  million  for  failing  to  re¬ 
port  losses.  The  managers  con¬ 
tend  that  encrypted  data  is  un¬ 
likely  to  be  translated  if  stolen 


commercial  services  division 
at  Time  Warner  Cable  Inc. 
Time  Warner  last  spring  re¬ 
ported  the  loss  of backup  tapes 
that  contained  the  personal 
information  of  about  600,000 
current  and  former  employees 
[QuickLink  54151]. 

Coughlin  said  he  under¬ 
stands  the  principle  behind  the 
bill  —  to  protect  and  inform 
the  public.  However,  he  said 
companies  already  do  all  they 
can  and  contended  that  the  law 
would  be  a  deterrent  to  en¬ 
crypting  data  on  digital  tapes. 

Sophie  Louvel,  an  analyst  at 
Financial  Insights  in  Framing¬ 
ham,  Mass.,  said  encrypted 
data  isn’t  protected  as  fully  as 


The 

Identity  Theft 
Protection  Act 

What  the  proposal  entails: 

s  Businesses,  schools  and 
other  entities  that  collect 
sensitive  personal  informa¬ 
tion  are  covered. 


■  Such  entities  must  follow 
safeguards  set  by  the  FTC. 

■  Organizations  that  hold  sen¬ 
sitive  personal  data  must  no¬ 
tify  the  consumers  who  are 
affected  when  data  is  lost  or 
breached. 


■  Consumers  can  place  a 
“credit  freeze”  on  their  con¬ 
sumer  credit  reports. 


some  companies  believe.  “The 
encryption  can  be  decrypted 
pretty  easily,”  she  said. 

Charlie  Fulks,  CEO  of  Cred¬ 
it  Union  Data  Processing  Inc. 
in  Farmington,  Utah,  whose 
firm  started  encrypting  data 
this  year,  also  opposes  a  re¬ 
quirement  that  the  loss  of  en¬ 
crypted  data  be  reported. 

Fulks  pointed  out  that  en¬ 
crypted  digital  tapes  that  get 
lost  in  transit  are  very  secure. 

Lev  Katz,  data  center  opera¬ 
tions  manager  at  MidAmerica 
Bank  in  Naperville,  Ill.,  said  he 
would  want  to  be  notified  if 
his  personal  data  was  compro¬ 
mised,  even  if  it  was  encrypt¬ 
ed.  “And  I’m  working  at  a 
bank,  so  that  means  a  lot  to 
me,”  he  said. 

Daniel  Chow,  an  IT  systems 
and  security  engineer  at  Boe¬ 
ing  Employees’  Credit  Union 
in  Tukwila,  Wash.,  said  he 
“strongly”  agrees  with  the  bill 
in  terms  of  it  “lighting  a  fire 
underneath  some  firms’  butts 
to  start  protecting  their  data.” 
©  55734 


or  lost. 

The  federal  proposal  comes 
after  several  firms  reported 
the  loss  of  personal  data  in  re¬ 
cent  months  through  the  theft 
or  loss  of  tapes  and  through 
Internet  breaches. 

Consideration  Postponed 

The  Identity  Theft  Protection 
Act  was  slated  to  be  presented 
to  the  Senate  Committee  on 
Commerce,  Science  and  Trans¬ 
portation  last  week,  but  the 
move  was  postponed  “due  to 
overwhelming  member  inter¬ 
est  in  identity  theft  legislation,” 
according  to  the  committee’s 
Web  site.  The  bill  is  sponsored 
by  Commerce  Committee 
Chairman  Sen.  Ted  Stevens  (R- 
Alaska)  and  Sen.  Daniel  Inouye 
(D-Hawaii). 

If  the  bill  becomes  law,  or¬ 
ganizations  that  hold  sensitive 
personal  data  will  be  required 
to  secure  it  with  “physical  and 
technological  safeguards  that 
will  be  specified  by  the  Feder¬ 
al  Trade  Commission.” 

“You’re  micromanaging,  and 
you’re  going  to  add  some  dol¬ 
lar  amount  to  someone’s  busi¬ 
ness  that  has  no  effect  on  the 
general  population,”  said  Bo 
Coughlin,  vice  president  of  the 


Visa,  Amex  Cut  Ties  With  CardSystems  Due  to  Breach 


VISA  U.S.A.  INC.  and  American 
Express  Co.  are  terminating  their 
contracts  with  a  credit  card 
transaction-processing  compa¬ 
ny  that  was  hit  by  hacker  attacks 
that  exposed  40  million  card 
numbers  to  online  intruders. 

In  separate  announcements 
last  week,  Visa  and  Amex  said 
they  are  ending  their  relation¬ 
ships  with  CardSystems  Solu¬ 
tions  Inc.  in  Atlanta  because  the 
company  didn’t  meet  its  contrac¬ 
tual  requirements  in  providing 
credit  card  processing  services 
for  merchants. 

After  Oct.  31,  Visa  and  Amex 
will  no  longer  allow  CardSys¬ 
tems  to  process  their  transac¬ 
tions.  Meanwhile,  rival  Master- 
Card  International  Inc.  said  it  will 
continue  to  work  with  CardSys¬ 
tems  if  it  develops  a  detailed 
plan  by  Aug.  31  to  adequately 
improve  security  procedures. 

MasterCard  last  month  dis¬ 
closed  that  CardSystems’  sys¬ 
tems  were  breached.  Credit 
cards  issued  by  all  three  compa¬ 


nies  were  affected  by  the  breach 
[QuickLink  55146]. 

Rosetta  Jones,  a  spokes¬ 
woman  for  San  Francisco-based 
Visa,  said  in  a  statement  that  her 
firm’s  action  comes  “after  an  in¬ 
ternal  and  forensics  review  of 
its  processing  practices  demon¬ 
strated  that  -  in  violation  of 
Visa's  rules  -  [CardSystems]  did 
not  have  the  appropriate  con¬ 
trols  in  place  to  protect  card¬ 
holder  information.” 

Though  the  statement  ac¬ 
knowledged  that  CardSystems 
has  worked  to  fix  problems  that 
led  to  the  breach,  it  also  said, 
“CardSystems  has  not  correct¬ 
ed,  and  cannot  at  this  point  cor¬ 
rect,  the  failure  to  provide  proper 
data  security  for  Visa  accounts.” 

According  to  Jones,  Card- 
Systems  kept  cardholder  data 
on  file  after  transactions  were 
processed,  which  is  in  violation 
of  its  agreement  with  Visa. 

Judy  Tenzer,  a  spokeswoman 
for  New  York-based  Amex, 
wouldn’t  comment  on  the  direct 


cause  of  that  firm’s  termination 
of  the  contract  with  CardSys¬ 
tems.  A  spokesman  for  Card- 
Systems  didn't  respond  to  nu¬ 
merous  requests  for  comment. 

A  MasterCard  spokeswoman 
said  that  the  company  first  be¬ 
came  aware  of  the  CardSystems 
breach  in  May  and  promptly 
launched  an  investigation. 

In  a  statement  last  week, 
MasterCard  said  it  will  continue 
to  work  with  CardSystems,  at 
least  in  the  short  term,  because 
the  company  has  worked  to  im¬ 
prove  its  security  and  proce¬ 
dures  since  the  spring. 

“However,  if  CardSystems 
cannot  demonstrate  that  they  are 
in  compliance  by  [Aug.  31],  their 
ability  to  provide  services  to  Mas¬ 
terCard  members  will  be  at  risk," 
the  statement  said.  Merchants 
will  be  able  to  choose  another 
processing  company  to  provide 
the  services  once  CardSystems’ 
agreements  with  Visa  and  Amex 
have  ended,  Tenzer  said. 

-  Todd  R.  Weiss 
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The  best  view  in  the  city,  the  country, "the  world. 


At  one  time,  DHL  had  a  data  center  in  every  country  in  which 
it  operated.  The  result  was  a  massive  collection  of  small  IT 
networks  — without  a  mission  control.  With  the  help  of  HP 
Services  and  HP  OpenView  software,  hundreds  of  data  centers 
became  three.  By  consolidating,  DHL  is  now  better  able  to  share 
information,  implement  IT  changes  globally  and  “see”  their 
entire  network  from  a  single  point  of  control.  Now,  change  never 
goes  unnoticed.  For  more  on  HP’s  Consolidation  Solutions,  visit 
hp.com/info/consolidation 
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African  Countries  Try  to 
Boost  BPO  Investments 

ACCRA,  GHANA 

ollowing  a  route  that  was 
blazed  by  India  and  the  Philip¬ 
pines,  countries  throughout 
Africa  are  trying  to  become  competi¬ 
tive  destinations  for  business  process 
outsourcing  (BPO)  by  promoting  low- 
cost  labor,  offering  tax  breaks  and 
building  up  their  IT  infrastructures. 

KenCall  EPZ  Ltd.  recently  opened  in 
Nairobi  as  Kenya’s  first  international 
call  center,  for  instance.  Mauritius  is 
building  a  second  “cyber  tower”  office 
building  in  the  city  of  Ebene  to  host 
BPO  vendors.  And  Botswana  is  making 
a  big  push  for  BPO  investments  with  a 
favorable  corporate  tax 
rate  of  15%  that’s  guaran¬ 
teed  until  June  2020. 

South  Africa  leads 
Africa’s  BPO  sector  with 
call  centers  and  all  types 
of  back-office  operations, 
said  Peter  Ryan,  an  ana¬ 
lyst  at  London-based 
Datamonitor  PLC.  In 
South  Africa,  call  center 
agents  are  paid  an  aver¬ 
age  of  30%  less  than  they 
are  in  the  U.K.,  speak 


English  as  a  first  language  and  can 
handle  complex,  unscripted  calls, 
said  Luke  Mills,  executive  director  of 
CallingtheCape,  a  nonprofit  agency 
that  promotes  the  call  center  outsourc¬ 
ing  industry  in  Cape  Town. 

■  JOHN  YARNEY,  IDO  NEWS  SERVICE 


Aussie  Broadcaster 
Builds  Digital  Archive 

SYDNEY 

USTRALIAN  BROADCASTING  Corp. 
(ABC)  this  month  will  begin  digi¬ 
tizing  its  entire  film  and  radio 
archive,  in  a  $15  million  (Australian) 
project  that  may  set  a  national  record 
for  digital  storage  capacity. 

The  archive  will  grow  to  1.5  peta¬ 
bytes  in  three  to  five 
years,  without  counting 
new  content,  said  Fred 
Spark,  manager  of  sys¬ 
tems  management  ser¬ 
vices  at  the  Sydney-based 
broadcaster.  ABC  has  set 
up  a  workshop  where 
three  shifts  of  seven  peo¬ 
ple  will  do  the  labor- 
intensive  conversion 
work,  he  said. 

Over  the  past  nine 
months,  the  company  has 


GLOBAL  FACT 


Percentage  of  U.K. 
businesses  that  fail  to 
submit  their  Web  sites 
to  search  engines. 


installed  IBM  servers,  storage  arrays 
and  tape  libraries  to  support  the 
digital  archive. 

Tape  is  the  best  option  for  an 
archive  of  the  size  planned  by  ABC, 
Spark  said.  He  added  that  the  data  will 
be  readily  accessible  for  producers  to 
retrieve  footage  and  audio  reports  “in 
minutes  rather  than  hours  or  days.” 

■  RODNEY  GEDDA, 

COMPUTERWORLD  AUSTRALIA 


North  and  South  Korea 
Connect  Telecom  Cables 

TOKYO 

Fiber-optic  cables  in  North  Ko¬ 
rea  and  South  Korea  were  inter¬ 
connected  last  week,  marking 
the  first  time  that  telecommunications 
networks  between  the  two  countries 
have  been  joined. 

The  cables,  which  belong  to  KT 
Corp.  in  the  south  and  state-run  Korea 
Post  and  Telecommunications  Corp. 
in  the  north,  will  be  used  to  provide 
communications  and  Internet  services 
between  the  two  nations,  said  KT 
spokeswoman  Suzie  Nam. 

The  linkage  is  expected  to  be  espe¬ 
cially  important  for  a  new  industrial 
zone  in  the  city  of  Kaesong,  which  lies 
a  few  kilometers  north  of  the  border 
and  is  intended  to  be  used  by  South 
Korean  manufacturers.  ©  55684 
■  MARTYN  WILLIAMS,  IDG  NEWS  SERVICE 


Compiled  by  Mitch  Betts. 


Briefly  Noted 

The  European  Commission  this 
month  issued  a  directive  requiring 
all  25  European  Union  member 
countries  to  make  available  the 
5-6Hz  frequency  band  for  wireless 
services,  starting  Nov.  1.  The  move 
enables  Wi-Fi  service  providers  to 
offer  faster  transmission  rates  and 
avoid  capacity  shortages  on  the 
2.4-GHz  band  they  now  use. 

■  SIMON  TAYLOR,  IDO  NEWS  SERVICE 


Lombard  Canada  Ltd.,  a  Toronto- 
based  insurance  company,  has 
moved  its  core  applications  off 
mainframes  and  onto  distributed 
servers  running  Windows  Server 
2003  and  SQL  Server,  according  to 
an  announcement  made  last  week 
by  two  software  vendors  involved  in 
the  migration.  The  vendors  are 
Cybermation  Inc.  in  Markham,  On¬ 
tario,  and  Micro  Focus  International 
Ltd.  in  Newbury,  England. 


Similarity  Systems  Ltd.,  a  vendor 
of  data  quality  management  soft¬ 
ware  in  Dublin,  last  week  said  it 
has  acquired  Austin-based  Evoke 
Software  Corp.,  which  makes  data- 
profiling  software.  Similarity  said  it 
will  merge  the  two  companies’ 
technologies.  Financial  terms 
weren’t  disclosed. 


Levitt:  Push  for  Sarb-Ox 
Reforms  Is  ‘Shortsighted’ 


BY  THOMAS  HOFFMAN 

When  Congress  moved  to 
craft  the  Sarbanes-Oxley  Act 
of  2002,  legislators  assembled 
the  bill  “in  record  time,”  said 
Arthur  Levitt,  former  chair¬ 
man  of  the  U.S.  Securities  and 
Exchange  Commission.  How¬ 
ever,  he  said,  the  authors  did 
little  to  work  with  company 
executives  to  determine  the 
demands  the  law  would  place 
on  businesses. 

Still,  business  leaders  who 
are  pushing  hard  for  major  re¬ 
forms  to  ease  Sarbanes-Oxley 
prerequisites  because  of  the 
high  costs  of  compliance  “are 
being  shortsighted,”  said  Levitt. 
The  mandates  for  public  com¬ 
panies  to  document  financial 
controls  “have  been  well  worth 


the  costs”  for  investors,  he  said. 

“If  you  have  any  doubts,  ask 
those  thoughtful  shareholders 
for  any  of  those  586  companies 
that  reported  material  weak¬ 
nesses  [with  their  internal  con¬ 
trols]  during  the  first  four 
months  of  the  year,”  said  Levitt, 
now  a  senior  adviser  at  The 
Carlyle  Group  in  Washington. 

Levitt  was  a  panelist  at  a 
regulatory  compliance  confer¬ 
ence  in  Washington  last  week 
that  was  sponsored  by  Bind- 
View  Development  Corp.,  a 
Houston-based  security  soft¬ 
ware  provider. 

Unlike  the  authors  of  Sar¬ 
banes-Oxley,  the  writers  of  the 
Health  Insurance  Portability 
and  Accountability  Act  actively 
sought  involvement  from  health 


care  industry  professionals  in 
order  to  make  the  requirements 
scalable  and  practical,  said  John 
Parmigiani,  co-author  of  the 
HIPAA  security  provisions.  He 
is  president  of  John  C.  Parmi¬ 
giani  and  Associates  LLC,  an  El- 
licott  City,  Md.-based 
consulting  firm. 

“You  need  to  get 
a  lot  of  involvement 
from  industry  when 
crafting  regulations, 
and  you  need  to 
set  realistic  time 
frames,”  said  Parmi¬ 
giani.  “If  you’re  a 
two-person  [med¬ 
ical]  clinic,  you  can’t 
take  [the  same  ap¬ 
proach  to  HIPAA  compliance] 
as  the  Mayo  Clinic.” 

The  lack  of  such  coopera¬ 
tion  is  one  reason  why  certain 
Sarbanes-Oxley  requirements 
can  be  open  to  interpretation, 
some  IT  executives  said. 


“If  we  were  told  passwords 
had  to  expire  at  least  twice  per 
year,  we  could  easily  meet  the 
requirement,”  said  Joseph 
Puglisi,  CIO  at  Emcor  Group 
Inc.,  a  mechanical  and  electrical 
systems  contractor  in  Norwalk, 
Conn.  “But  we  and 
the  auditors  have  to 
negotiate  on  what  we 
think  is  acceptable.” 

When  many  large 
public  companies 
had  to  document 
and  test  their  inter¬ 
nal  controls  for  the 
first  time  under 
Section  404  of  Sar¬ 
banes-Oxley  last 
year,  the  exercise 
was  a  real  bear  for  IT  depart¬ 
ments,  said  Everett  C.  John¬ 
son,  international  president  of 
the  Information  Systems  Audit 
and  Control  Association. 

Since  most  IT  departments 
never  audited  IT  controls 


in  the  past,  “the  process 
turned  into  an  Ironman 
event,”  he  said.  However, 
Johnson  added,  the  audit  re¬ 
quirements  “helped  lead  to 
better  compliance.” 

Dave  A.  Richards,  president 
of  The  Institute  of  Internal  Au¬ 
ditors  in  Altamonte  Springs, 
Fla.,  said  that  for  the  hundreds 
of  companies  that  met  Section 
404  requirements  for  the  first 
time  in  January,  20%  of  their 
time  on  compliance  efforts  was 
spent  documenting  their  con¬ 
trols.  Between  15%  to  20%  of 
that  work  was  devoted  to  re¬ 
mediating  that  documentation. 

Levitt  said  he  believes  in¬ 
coming  SEC  Commissioner 
Christopher  Cox  will  work 
with  legislators  to  modify  re¬ 
quirements  imposed  under 
Sarbanes-Oxley,  such  as  mak¬ 
ing  it  less  expensive  for  small¬ 
er  businesses  to  comply  with 
Section  404.  ©  55719 
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interex 

man,  a  Unix  administrator  at 
the  West  Virginia  Bureau  of 
Employment  Programs  in 
Charleston,  said  she  was 
stunned  by  the  cancellation 
of  HP  World  2005.  Workman 
was  scheduled  to  give  a  pre¬ 
sentation  about  her  agency’s 
disaster  recovery  plan  at  the 
conference.  HP  World  “was 
actually  the  one  conference  I 
did  enjoy,”  she  said.  “It  was  ba¬ 
sically  geared  to  the  users  — 
not  controlled  by  the  vendor.” 

“Wow,  what  a  waste,”  said 
Paul  Gerke,  a  systems  admin¬ 
istrator  for  Clark  County  in 
Vancouver,  Wash.,  referring  to 
the  demise  of  Interex. 

Gerke  said  HP  World  was  a 
good  source  of  unfiltered  in¬ 
formation  about  HP  products. 
In  comparison,  the  presenta¬ 
tions  at  a  storage  conference 
that  was  run  by  HP  in  May 
“were  all  very  ‘HP,  rah-rah,’  ” 
he  said.  For  that  reason,  Gerke 
had  decided  not  to  attend  HP 
Technology  Forum  2005,  the 
new  conference  the  vendor  is 
holding  in  September. 

Interex  closed  without  ex¬ 
planation.  Calls  to  its  office 
weren’t  returned,  and  a  state¬ 
ment  posted  on  its  Web  site 
last  Monday  said  only  that  the 
group’s  leaders  “have  found  it 


HP  WORLD  may  be  kaput.  But 
the  annual  software-oriented 
conference  run  by  the  OpenView 
Forum  international  user  group 
will  still  be  held  as  a  separate 
event  next  June,  following  the 
reversal  of  a  decision  to  make  it 
a  part  of  HP's  new  conference. 

The  OVFi's  board  initially  vot¬ 
ed  unanimously  last  month  to 
hold  HP  Software  Forum  2006 
within  the  HP  Technology  Forum 
[QuickLink  54825],  But  later  in 
June,  the  board  rescinded  that 
vote  after  HP  agreed  to  continue 
supporting  a  separate  confer¬ 
ence,  0VFI  Executive  Director 
Sandra  Potter  and  Treasurer  Joe 
Gersch  said  last  week. 

The  0VFI  and  the  managers 


financially  necessary  to  close 
the  doors.”  Interex  is  expected 
to  file  for  bankruptcy  protec¬ 
tion,  sources  said. 

A  Big  Choice 

The  shutdown  came  almost 
exactly  one  year  after  HP  said 
it  planned  to  run  its  own  con¬ 
ference  [QuickLink  48350],  In¬ 
terex  and  the  three  other  inde¬ 
pendent  HP  user  groups  faced 
a  big  choice:  Join  HP  as  co¬ 
sponsors  or  continue  to  hold 
separate  events. 

Interex  decided  last  August 
to  go  forward  with  HP  World, 
which  was  a  major  source  of 
revenue  for  the  Sunnyvale, 
Calif. -based  user  group. 

But  some  people  were  wor¬ 
ried.  In  late  March,  Kees  den- 
Hartigh,  HP  World  program 
co-chairman  and  a  systems 
network  analyst  supervisor  at 
the  University  of  Alberta  in 
Edmonton,  wrote  to  new  HP 
CEO  Mark  Hurd  to  express  his 
concerns  about  the  competi¬ 
tive  threat  posed  by  HP’s  con¬ 
ference  and  the  appearance 
that  HP  was  “working  hard  to 
put  Interex  out  of  business.” 

In  his  letter,  which  he  pro¬ 
vided  to  Computerworld  last 
week,  denHartigh  said  he  had 
heard  reports  that  some  ven¬ 
dors  weren’t  going  to  lease 
trade  show  floor  space  at  HP 
World  because  they  would 
have  booths  at  the  HP  Tech- 


of  HP’s  software  unit  decided 
that  the  needs  of  OpenView 
users  and  the  user  group’s  ability 
to  meet  those  needs  “are  much 
better  served  by  having  a  soft¬ 
ware-specific  conference,” 

Potter  said  via  e-mail. 

The  location  and  dates  of  HP 
Software  Forum  2006  have  yet 
to  be  determined.  That  informa¬ 
tion  will  be  announced  in  late 
August,  according  to  an  online 
newsletter  that  was  posted  on 
the  OVFi's  Web  site  on  July  15. 

In  the  newsletter,  the  0VFI 
said  it  will  support  the  inaugural 
HP  Technology  Forum  in  Sep¬ 
tember  as  a  venue  for  OpenView 
users  who  need  training  in  other 
areas.  Whether  the  0VFI  will 


Hit  is  with  great 
sadness,  that 
after  31  years, 
we  have  found  it  finan¬ 
cially  necessary  to  close 
the  doors  at  Interex. . . . 
We  dearly  wish  that  we 
could  have  continued 
supporting  your  needs 
but  it  was  unavoidable. 


FROM  A  STATEMENT  TO  INTEREX 
MEMBERS  POSTED  ON  THE  USER 
GROUP’S  WEBSITE 

nology  Forum  instead. 

Hurd  didn’t  respond,  den¬ 
Hartigh  said,  although  a  simi¬ 
lar  letter  he  sent  in  February 
did  get  a  response  from  HP 
that  said  his  view  of  its  inten¬ 
tions  was  inaccurate. 

Conference  Cutbacks 

HP  remained  a  premier  spon¬ 
sor  of  this  year’s  HP  World,  at 
a  cost  of  about  $100,000,  ac¬ 
cording  to  Interex  members 
and  conference  organizers, 
who  asked  that  their  names 
not  be  used.  But  it  drastically 
cut  back  on  its  trade  show 
presence,  the  sources  said. 

HP  leased  7,000  square  feet 
of  floor  space  at  HP  World 
2004  but  was  taking  only  900 
square  feet  this  year,  they  said. 
HP  also  told  Interex  that  it 


take  part  in  HP’s  conference 
next  year  will  be  decided  at  a  lat¬ 
er  date,  said  Gersch,  a  consul¬ 
tant  based  in  Loveland,  Colo. 

David  Parsons,  an  HP  vice 
president,  said  0VFI  members 
“made  a  pretty  strong  case”  for 
continuing  the  HP  Software  Fo¬ 
rum  as  a  separate  show.  The 
conference  “will  be  held  for 
many  years  down  the  road, 
absolutely,”  Parsons  said. 

ITUG,  a  group  for  users  of 
HP’s  NonStop  systems,  will  go 
ahead  with  the  ITUG  Summit 
2005  in  October,  said  Chairman 
Richard  Buckle.  The  group  will 
have  “a  very  small  presence”  at 
HP’s  event,  he  added. 

-Matt  Hamblen 


intended  to  cut  back  on  the 
number  of  technical  sessions 
it  supported  at  HP  World. 

In  the  past,  HP  workers  typ¬ 
ically  handled  about  half  of 
the  conference’s  400  sessions. 
But  HP  initially  said  it  would 
do  only  20  sessions  this  year, 
according  to  the  sources.  It 
later  raised  that  figure,  but 
only  to  38,  they  said. 

David  Parsons,  HP’s  vice 
president  of  enterprise  mar¬ 
keting  for  the  Americas  re¬ 
gion,  confirmed  the  details 
about  this  year’s  plans.  But 
Parsons  said  there  were  good 
reasons  for  the  changes. 

About  700  HP  employees  at¬ 
tended  HP  World  2004,  and 
the  company  used  the  confer¬ 
ence  for  technical  training  of 
its  workers  as  well  as  users 
and  business  partners.  This 
year,  HP  wanted  to  provide 
the  training  at  its  own  event. 

HP  didn’t  intend  to  hurt  In¬ 
terex,  Parsons  said.  He  added 
that  the  company  laid  out  its 
HP  World  support  plans  last 
year  and  that  the  user  group 
“made  a  business  decision”  to 
pursue  its  own  course. 

The  Encompass,  ITUG  and 
OpenView  Forum  Internation¬ 
al  user  groups  said  they  re¬ 
main  on  solid  financial  foot¬ 
ings.  Both  the  OVFI  and  ITUG 
said  they  plan  to  continue 
holding  their  own  conferences 
while  working  with  HP  on  its 
event  (see  story  at  left). 

Garry  Smith,  director  of  in¬ 
formation  systems  at  manu¬ 
facturer  Charles  McMurray 
Co.  in  Fresno,  Calif.,  is  a  for¬ 
mer  president  of  an  Interex 
chapter  in  central  California 
that  had  120  members  until  it 
stopped  meeting  in  2002. 

Smith  said  attendance 
dropped  dramatically  as  mem¬ 
bers  diversified  beyond  the 
now-discontinued  HP  e3000, 
the  system  that  prompted  the 
formation  of  Interex.  “It’s  dis¬ 
appointing  to  hear  of  Interex 
closing,  but  that’s  the  evolu¬ 
tion  of  things,”  he  said. 

On  the  other  hand,  John 
Payne,  an  HP-UX  systems  en¬ 
gineer  at  Brigham  Young  Uni¬ 
versity  in  Provo,  Utah,  said  he 
will  miss  HP  World.  “When 
you  get  real  users  showing 
real  stuff,  you  can’t  go  wrong,” 
Payne  said.  O  55740 
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Future  Path  for 
Interex  Members 
Remains  Unclear 

IT  REMAINS  UNKNOWN 

whether  Interex  will  re-form  in 
some  fashion  or  if  a  new  user 
group  will  emerge  to  fill  the 
void  left  by  its  demise.  As  of 
last  week,  the  only  immediate 
option  for  would-be  HP  World 
attendees  was  to  attend 
Hewlett-Packard’s  new  confer¬ 
ence  at  no  extra  cost. 

HP  said  it  will  offer  free 
passes  to  the  HP  Technology 
Forum  to  users  who  had  al¬ 
ready  registered  to  attend  HP 
World  2005  and  had  paid  ei¬ 
ther  the  full  conference  or 
trade-show  fee.  The  confer¬ 
ence  is  scheduled  to  start  on 
Sept.  12  in  New  Orleans. 

The  company  is  also  working 
to  identify  technical  sessions 
planned  for  HP  World  that 
would  complement  or  add  to 
the  program  at  its  conference, 
said  David  Parsons,  vice  presi¬ 
dent  of  enterprise  marketing  for 
the  Americas  region  at  HP.  "We 
will  definitely  be  increasing  the 
number  of  sessions  based 
upon  the  fact  that  they  can¬ 
celed  HP  World,”  he  said. 

In  the  long  term,  one  possi¬ 
ble  avenue  would  be  for  Interex 
members  to  join  Encompass, 
a  Chicago-based  user  group 
that  traces  its  roots  to  the  Digi¬ 
tal  Equipment  Computer  Users 
Society.  Interex  and  Encom¬ 
pass  co-sponsored  HP  World 
2004,  although  the  latter  group 
switched  its  allegiance  to  HP’s 
conference  this  year. 

Kristie  Browder,  president 
of  Encompass  and  IT  director 
at  Silicon  Laboratories  Inc.  in 
Austin,  said  her  group  plans 
over  time  to  offer  a  place  for  In¬ 
terex  members.  “We  will  reach 
out  to  them  eventually,”  Brow¬ 
der  said.  “We’re  trying  to  make 
sure  everything  runs  its  course 
as  far  as  what’s  happening  at 
Interex  with  respect  to  them.” 

One  potential  issue,  though, 
is  that  Encompass,  with  10,000 
members,  is  far  smaller  than 
Interex  was. 

-  Patrick  Thibodeau,  Lucas 

Mearian  and  Matt  Hamblen 
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HP  Strategy 

Co.  in  Portland,  Ore.,  wanting 
to  hear  more  from  Hurd. 

Dickey  said  the  CEO  needs 
to  tell  users  what’s  in  store  for 
HP’s  key  product  lines.  That’s 
a  critical  issue  for  Dickey,  who 
in  April  completed  a  transi¬ 
tion  from  an  HP  e3000  system 
to  an  HP  9000  running  HP- 
UX.  Columbia  Steel  made  the 
move  in  response  to  HP’s 
decision  to  discontinue  the 
e3000,  which  the  vendor 
stopped  selling  in  2003  and 
is  due  to  drop  from  support 
at  the  end  of  next  year. 

“I  bet  our  company’s  tech¬ 
nology  direction  when  I  chose 


H  If  HP  were 
selling  sushi, 
they’d  call  it  ‘cold, 
dead  fish’  because 
they’re  so  bad  at 
marketing. 

MAUREEN  GREER,  ASSISTANT 
VICE  PRESIDENT  OF  IT  COMPLIANCE. 
AME6Y BANK  NA 


to  go  from  the  HP  3000  to  HP- 
UX,”  Dickey  said.  “It’s  very 
important  to  know  —  in  a  reli¬ 
able  manner  —  where  they  are 
going  with  it.” 

The  restructuring  an¬ 
nouncement  “was  not  about 
strategy,”  said  Frank  Gillett,  an 
analyst  at  Forrester  Research 
Inc.  “It  was  about  making  to¬ 
day’s  HP  work  better.”  There¬ 
fore,  he  said,  there  was  noth¬ 
ing  to  indicate  how  Hurd  will 
position  HP  to  better  compete 
against  IBM  or  Dell  Inc. 

Charles  King,  an  analyst  at 
Pund-IT  Research  in  Hay¬ 
ward,  Calif.,  said  Hurd  will 
have  to  air  his  long-term  plans 
in  the  near  future.  “This  was 
more  a  matter  of  ‘We’re  cut¬ 
ting  staff,  getting  expenses  un¬ 
der  control  and  moving  for¬ 
ward.’  ”  King  said.  “But  ‘Where 
are  you  going?’  was  pretty 
much  unaddressed.” 

Hurd  acknowledged  as 
much  during  an  interview 
with  the  IDG  News  Service. 
“What  you  get  on  a  day  like 
today,”  Hurd  said,  “is  a  lot  of 
questions  like  that:  ‘What’s 
coming  next?’  Right  now, 
where  we  really  are  is  focused 
on  making  HP  the  best  HP 
that  we’re  going  to  make  it.” 


HP  plans  to  cut  14,500  work¬ 
ers  over  the  next  six  quarters, 
with  most  of  the  reductions 
coming  in  support  functions 
such  as  IT,  human  resources 
and  finance.  Only  minimal 
cutbacks  will  be  made  in  sales, 
it  said,  and  “little  change  to 
head  count”  is  planned  within 
R&D.  But  the  company  later 
confirmed  that  HP  Labs  is 
ending  four  research  projects 
to  focus  on  ones  with  better 
chances  of  paying  off  finan¬ 
cially. 

The  vendor  is  also  eliminat¬ 
ing  its  Customer  Solutions 
Group,  which  handled  sales  to 
enterprise  customers,  small 
and  midsize  businesses,  and 
government  agencies.  Sales 
functions  will  now  be  embed¬ 
ded  in  HP’s  Technology  Solu¬ 
tions,  Imaging  and  Printing 
and  Personal  Systems  groups. 

Room  for  Improvement 

During  a  conference  call, 

Hurd  said  the  planned  job  cuts 
are  needed  to  give  HP  “a  com¬ 
petitive  cost  structure.” 

Maureen  Greer,  assistant 
vice  president  of  IT  compli¬ 
ance  at  Amegy  Bank  NA  in 
Houston,  agreed  that  the  lay¬ 
offs  are  overdue  and  said  that 


The  Hurd  Effect 

P  ’  *■  new  CEO  has 

MARK  HURD 

moves: 

■  REVERSE  a  decision  by 
predecessor  Carly  Fiorina  to 
combine  the  company’s  PC 
and  printer  operations. 

■  HIRED  former  PalmOne 
CEO  Todd  Bradley  to  run 
the  PC  unit. 

■  26-year  HP 
veteran  Cathy  Lyons  chief 
marketing  officer. 

■  IT  from  supply 
chain  operations  and  brought 
in  former  Dell  CIO  Randy 
Mott  to  manage  IT. 

■  plans  to  lay 
off  14,500  workers  and  fold 
sales  into  HP’s  three  major 
business  units. 


she  expects  to  see  business 
process  improvements  in  HP’s 
back-office  operations.  Greer 
also  thinks  the  changes  will 
improve  HP’s  marketing, 
which  she  pointed  to  as  a 


major  weak  spot.  “If  HP  were 
selling  sushi,  they’d  call  it 
‘cold,  dead  fish’  because  they 
are  so  bad  at  marketing,” 

Greer  said. 

Dennis  Deane,  a  Prague- 
based  program  manager  for 
European  IT  services  at  DHL 
International  GmbH,  said  he 
has  received  strong  assurances 
from  his  HP  account  represen¬ 
tatives  that  the  restructuring 
won’t  affect  the  products  used 
by  the  delivery  company. 

“DHL  has  been  told  that 
these  cuts  are  targeting  inter¬ 
nal,  predominantly  back-office 
functions  to  make  the  compa¬ 
ny  leaner,  rather  than  specific 
product  lines,”  Deane  said. 

Satish  Ajmani,  CIO  for  the 
government  of  Santa  Clara 
County  in  California,  hasn’t 
been  happy  with  the  quality  of 
some  of  the  PCs  shipped  to  his 
IT  operation  by  HP.  He  said 
the  increased  accountability 
that  Hurd  expects  to  get  from 
the  restructuring  could  be  a 
good  thing  for  users.  “We 
hope  to  see  their  product 
quality  improve,”  Ajmani  said. 
©  55737 


Tom  Krazit  of  the  IDG  News 
Service  contributed  to  this  story. 


Exec  Says  Changes  Make  HP’s 
Units  More  Focused,  Accountable 


BY  PATRICK  THIBODEAU 

Todd  Bradley,  who  last  month 
was  named  executive  vice  pres¬ 
ident  of  HP’s  newly  indepen¬ 
dent  Personal  Systems  Group, 
told  Computerworld 
last  week  that  the  com¬ 
pany’s  restructuring 
plan  was  designed  to 
improve  both  the  focus 
and  accountability  of 
its  three  major  business 
units.  Excerpts  from  the 
interview  follow: 

How  will  this  restructur¬ 
ing  affect  the  service  and  support 
that  enterprise  customers  get 

from  HP?  It  shouldn’t  impact 
them  at  all.  This  is  meant  to  be 
a  beneficial  move  to  our  cus¬ 
tomers  because  it  brings  both 
focus  and  accountability  into 


the  business  units  and  [ulti¬ 
mately]  into  that  sales  rep  or 
service  person  that  calls  on  a 
customer.  We  worked  very, 
very  hard  to  take  a  long  look 
at  the  organizational 
structure  and  change 
our  organization  from  a 
go-to-market  perspec¬ 
tive  but  really  make 
sure  it’s  relatively  seam¬ 
less  to  our  customers. 

Will  the  restructuring 
result  in  any  road  map 
changes  to  HP’s  enter¬ 
prise  product  lines?  Not  that 
I’m  aware  of.  While  people  are 
really  focused  on  the  number 
of  layoffs,  [internally]  this  has 
been  far  more  focused  on  how 
we  increase  accountability  in 
the  businesses. 


Is  there  any  special  outreach  to 
your  large  customers  to  explain 
this  change?  That’s  ongoing. 

What’s  the  message  you’re  bring¬ 
ing  to  the  customers?  Consis¬ 
tency  of  product;  improved  ex¬ 
ecution;  improved  accountabil¬ 
ity  in  the  business  segments. 

This  isn’t  the  first  employee  re¬ 
duction  that  HP  has  made;  you’ve 
seen  some  deep  cuts  in  the  past. 
How  strong  a  company  will  HP  be 
after  it  completes  this  restructur¬ 
ing?  It’s  pretty  clear  with  what 
we  talked  about  that  we’re 
focused  on  our  strengths.  I 
think  you’ve  seen  lots  of  com¬ 
panies  restructure  over  the 
last  several  years.  Those  com¬ 
panies  that  restructure  yet  fo¬ 
cus  on  how  the  restructuring 


improves  their  operating  per¬ 
formance,  [that]  is  what  we’ve 
done  here. 

How  do  you  think  this  restructur¬ 
ing  differentiates  you  from  your 
top  competitors?  I  think  the 
biggest  thing  is  the  fact  that 
we  have  created  three  busi¬ 
ness  units  that  are  very  fo¬ 
cused  on  their  markets,  very 
focused  on  rapid  execution 
[and]  have  far  more  account¬ 
ability  in  place  at  a  lower 
level  than  we  ever  had. 

There’s  been  speculation  that  this 
month’s  hiring  of  former  Dell  CIO 
Randy  Mott  to  run  HP’s  IT  opera¬ 
tions  is  an  indication  of  a  shift 
toward  Intel  platforms  and  away 
from  Unix  in  terms  of  products. 

Is  there  anything  to  be  read  into 
that?  No.  Randy  Mott  is  here 
because  he’s  one  of  the  best 
CIOs  in  the  country.  The  chal¬ 
lenges  we  have  —  not  the  least 
of  which  is  our  internal  IT 
cost  —  is  what  he’s  focused  on. 


One  of  HP’s  legacies  is  its  culture 
of  innovation.  But  there’s  an  ar¬ 
gument  that  if  employees  are  al¬ 
ways  worried  about  restructuring 
and  getting  laid  off,  it’s  going  to 
be  very  hard  for  them  to  perform 
at  their  best.  What  are  you  doing 
for  the  employees  who  remain? 
It’s  a  big  adjustment.  But  peo¬ 
ple  are  excited  about  the  fact 
that  we  have  more  account¬ 
ability,  that  we’ll  have  a 
stronger  marketing  message, 
more  tailored  to  the  products 
themselves.  It’s  always  a  disap¬ 
pointing  challenge  when  you 
have  to  make  layoff  reduc¬ 
tions.  But  the  HP  Way  is  about 
innovation,  it’s  about  execu¬ 
tion,  and  it’s  about  how  we  go 
to  market  with  the  best  prod¬ 
ucts  that  we  can.  And  none  of 
that  has  changed.  ©  55696 
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Microsoft  Exec  Outlines 
Plan  to  Sell  Service  SKUs 


BY  CAROL  SLiWA 

MINNEAPOLIS 

During  a  keynote  address  at 
Microsoft  Corp.’s  recent  World¬ 
wide  Partner  Conference  here, 
CEO  Steve  Ballmer  said  the 
company  will  offer  managed 
services  that  are  designed 
“more  like  a  product  or  a  stan¬ 
dard  offer  and  less  like  a  set 
of  customized  outsourcing 
services.”  Rick  Devenuti,  senior 
vice  president  of  Microsoft  Ser¬ 
vices  &  IT,  discussed  with 
Computerworld  the  company’s 
plans  to  sell  services  under  a 
model  where  they’re  listed  as 
stock-keeping  units,  or  SKUs. 

Are  there  certain  types  of  services 
that  will  be  more  conducive  to  the 
SKU  approach?  We  don’t  have  a 
whole  list  of  where  we’re  go¬ 
ing  with  SKUs.  We’ve  got  a 
product  marketing  organiza¬ 
tion  that  will  make  sure  it 
looks  at  the  opportunities.  But 
I  think  essentially  the  platform 
opportunities  are  things  we 
know  we  can  do  because  we 
do  them  inside  and  we  do 
them  with  customers.  Where 
customers  are  having  pain  to¬ 
day,  you  look  at  that  and  un¬ 
derstand  what  part  is  difficult 
and  how  do  we  solve  that  —  or 
where  customers  have  adopt¬ 
ed  technology,  but  they’re  not 
using  it  productively.  Cus¬ 
tomers  ask  us  all  the  time: 

“We  want  to  run  it  just  like 
you  do.  You’re  successful  with 
it.  How  can  we  be  successful?” 

So  you  like  the  idea  of  productiz¬ 
ing  services  as  much  as  possible? 

I’m  not  saying  it’s  the  only 
way  to  do  it.  I’m  saying  it’s  a 
way  we  know  that  works. 
We’ve  codified  it.  We’ve  tested 
it.  We’ve  proven  it.  And  why 
not  share  that?  Frankly,  it’s 
something  IT  can’t  do.  They’ve 
got  day  jobs.  It’s  something 
that  our  consulting  and  sup¬ 
port  organization  can  do.  And 
it’s  something  that,  as  we  have 
to  train  our  support  people 
and  our  consultants,  we  ab¬ 


solutely  can  build  the  same 
[intellectual  property]  for 
partners. 

What  will  be  the  first  SKU?  The 

first  one  is  around  Exchange 
[Server],  It’ll  be  a 
combination  of  SKUs, 
starting  with  looking 
at  the  overall  health  of 
the  environment.  How 
do  you  measure  it? 

How  do  you  monitor 
it?  What’s  the  avail¬ 
ability  of  [the  cus¬ 
tomer’s]  Exchange 
servers  worldwide?  . . . 

[That  SKU  will  grow] 
to,  how  do  you  deploy  [Ex¬ 
change]  and  how  do  you  really 
support  it  once  it’s  in  place? 

When  will  Microsoft  introduce  the 


first  one?  We’ll  be  using  it 
internally  in  this  half  of  the 
[fiscal]  year,  and  well  be  of¬ 
fering  it  to  partners  sometime 
during  the  second  half.  We’ve 
got  a  lot  to  learn  about  the 
difference  between 
what  this  concept  is 
and  how  you  train 
somebody  to  do  it. 
Today,  they  suggest 
we  take  people  out  of 
IT  and  marry  them 
with  consultants.  But 
that  doesn’t  scale. 
There’s  really  got  to 
be  training.  There’s 
got  to  be  certification 
or  accreditation. 

Will  customers  in  the  future  be 
able  to  find  a  catalog  of  SKUs 

for  services?  Yes.  We  want 


to  broadly  market  these 
SKUs,  and  they  can  be  deliv¬ 
ered  by  Microsoft  or  by  part¬ 
ners.  I  don’t  think  it’s  some¬ 
thing  customers  will  do  for 
themselves,  because  you  need 
to  be  accredited  and  trained 
on  it. 

Will  Microsoft  ever  be  the  sole 
service  provider,  or  will  you  al¬ 
ways  work  with  partners?  Cer¬ 
tainly,  in  the  original  stage, 
well  do  it  because  we’ve  got 
to  prove  it.  We’ve  got  to  build 
it.  And  we’ve  got  to  market  it, 
because  unless  there’s  a  broad 
umbrella  that  says  one  of 
these  Microsoft  things  is  good 
and  there’s  proof  points  to  it, 
there’s  no  way  to  scale  it  up. 
So  we’ll  start  with  them.  But 
the  only  way  to  really  reach 


efforts,  said  Andy  Purdy,  act¬ 
ing  director  of  the  DHS’s  Na¬ 
tional  Cyber  Security  Division. 
A  draft  of  a  national  infrastruc¬ 
ture  vulnerability  assessment, 
which  includes  a  cybersecurity 
assessment,  should  be  com¬ 
pleted  in  a  couple  of  months. 
The  DHS  Internet  Disruption 
Working  Group  is  developing 
a  plan  for  Internet  recovery  af¬ 
ter  a  major  attack,  Purdy  said. 

Pushing  IPv6 

The  division  is  also  support¬ 
ing  efforts  to  push  IPv6,  a 
more  secure  version  of  the 
current  Internet  Protocol, 
Purdy  said.  The  division  is  en¬ 
couraging  software  vendors  to 
create  more-secure  products, 
and  it  plans  to  renew  efforts  to 
work  with  other  agencies  and 
companies  to  identify  signifi¬ 
cant  threats,  he  said. 

Purdy  also  noted  that  the 
DHS  plans  to  create  the  post 
of  assistant  secretary  for  cy¬ 
ber-  and  telecommunications 
security.  He  said  that  the  new 
hire  should  bring  an  end  to  the 
high  turnover  in  the  division’s 
leadership  and  “accelerate” 
cybersecurity  efforts. 


Senators  Call  on  DHS  to 
Improve  Cybersecurity 


Official  admits 
that  there’s  still 
work  to  be  done 

BY  GRANT  GROSS 

The  U.S.  Department  of 
Homeland  Security  needs  to 
develop  a  recovery  plan  for 
a  widespread  attack  on  the 
Internet,  and  it  needs  stable 
leadership  in  cybersecurity, 
a  government  investigator 
told  a  Senate  subcommittee 
last  week. 

While  the  DHS  can  track  In¬ 
ternet  threats,  it  doesn’t  have 
an  Internet  recovery  plan  or  a 
national  cybersecurity  threat 
assessment  procedure,  David 
Powner,  director  of  IT  man¬ 
agement  in  the  Government 
Accountability  Office  (GAO), 
told  a  subcommittee  of  the 
Senate  Homeland  Security 
and  Governmental  Affairs 
Committee.  More  work  needs 
to  be  done,  he  said. 

“Until  DHS  addresses  its 


many  challenges  ...  it  cannot 
function  as  a  cybersecurity  fo¬ 
cal  point  for  coordinating  fed¬ 
eral  law  and  policy,”  Powner 
said.  “The  result  is  increased 
risk.  Large  portions  of  our 
critical  infrastructure  are  un¬ 
prepared  to  effectively  handle 
a  cybersecurity  attack.” 

Senators  echoed  Powner’s 
criticisms,  first  outlined  in  a 
GAO  report  released  in  May 
[QuickLink  54662]. 

“The  United  States  does  not 
have  a  robust  ability  to  detect 
a  coordinated  attack  on  our 
critical  infrastructure,  nor 
does  it  have  a  measurable  re¬ 
covery  and  reconstitution  plan 
for  key  mechanisms  of  the  In¬ 
ternet  and  telecommunica¬ 
tions  system,”  said  Sen.  Tom 
Coburn  (R-Okla.),  chairman  of 
the  Federal  Financial  Manage¬ 
ment,  Government  Informa¬ 
tion  and  International  Securi¬ 
ty  Subcommittee. 

The  DHS  is  working  hard  to 
improve  U.S.  cybersecurity 


velocity  is  to  have  partners  en¬ 
abled  to  do  that. 

Will  the  service  SKUs  be  offered 
under  Microsoft  Consulting  Ser¬ 
vices?  For  both  Microsoft  Con¬ 
sulting  Services  and  in  Pre¬ 
mier  [Support],  I  tend  to  think 
of  those  two  organizations  as 
our  enterprise  services  group. 

Does  this  put  you  into  competition 
with  your  partners  to  some  de¬ 
gree?  I  don’t  think  so  at  all. 
We’re  really  talking  about 
building  out  an  asset  for  the 
partner  and  customer  channel. 
But  we  have  to  prove  that  it 
works.  And  this  concept  of 
having  a  very  prescriptive  way 
to  do  something  that  works  in 
a  heterogeneous  environment 
—  that  gets  the  guaranteed 
predictable  results  we’re  talk¬ 
ing  about  —  we  haven’t  found 
it  to  be  an  easy  thing  to  do.  So 
we  need  to  make  sure  that  we 
can  do  it  and  we  know  how 
you  need  to  be  trained  to  do  it 
and  that  you  can  do  it  prof¬ 
itably.  ©  55676 


“We  believe  [the  GAO  re¬ 
port]  has  provided  a  fair  as¬ 
sessment  of  the  progress  to 
date  and  agree  that  while  con¬ 
siderable  work  has  been  done, 
much  work  remains  to  meet 
the  challenges  in  this  rapidly 
changing  area,”  Purdy  said. 

Sen.  Thomas  Carper  (D- 
Del.)  repeated  longstanding 
complaints  that  cybersecurity 
issues  take  a  back  seat  to  phys¬ 
ical  security  issues  at  the 
DHS.  Senators  also  raised 
concerns  about  the  possibility 
of  attacks  on  Internet-based 
controls  for  utilities  such  as 
waste  management  plants  or 
the  electric  grid. 

Powner  listed  a  number  of 
criticisms  of  DHS  cybersecuri¬ 
ty  efforts,  including  what  the 
GAO  sees  as  problems  it  has 
had  developing  relationships 
with  state  and  federal  agencies 
and  private  industry.  The  DHS 
also  has  no  generally  accepted 
methodologies  for  analyzing 
Internet  attacks  and  hasn’t  fully 
developed  a  plan  for  respond¬ 
ing  to  attacks,  he  said.  ©  55679 


Gross  writes  for  the  IDG 
News  Service. 
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If  there’s  one  thing  CIOs  and  CFOs  can  agree  on,  it’s  Fujitsu  PRIMERQY®  servers. 

serviceability,  and  manageability  CFOs 
demand.To  help  maintain  high  performance 
and  lowTCO,  Fujitsu  features  Cool-Safe™ 
cooling  technology.  Developed  with  aviation 
simulation  techniques,  this  innovative,  new 
approach  to  thermal  management  optimizes 
processor  airflow  to  keep  PRIMERGY 
servers  running  at  peak  performance  in 
real-world  IT  environments. 

For  more  information  on  the  complete  line  of  PRIMERGY  servers 
and  how  Fujitsu  PRIMERGY  servers  can  bring  CIOs  and  CFOs  together,  visit 

us.fujitsu.com/computers/PRIMERGY  or  call  I  -800-83 1  -3  1 83. 
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Featuring  the  proven  reliability 
of  Intel®  Xeon™  processors,  PRIMERGY 
blade,  rack  and  tower  servers  give  CIOs  the 
power  to  drive  complex,  business-critical 
enterprise  applications  based  on  Linux  and 
Windows®  operating  systems. 
PRIMERGY  servers  also  provide 
a  low  total  cost  of  ownership  (TCO), 
delivering  the  reliability, 
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DON  TENNANT 


Never  Mind 


Remember  last  week  when  I  wrote 
about  having  noticed  an  advertisement 
for  HP  World  and  how  I  learned  from 
the  ad  that  the  conference,  sponsored  by 
the  Interex  user  group,  would  be  held  in 
August?  Remember  how  I  commended  Hewlett- 
Packard  for  supporting  HP  World  despite  the  fact 
that  it  was  slated  to  hold  its  first  unified  user  confer¬ 
ence,  the  HP  Technology  Forum,  a  month  later? 


Never  mind.  HP  World, 
as  you  probably  know  by 
now,  isn’t  happening. 

No  one  was  more 
blown  away  than  I  was 
when  Patrick  Thibodeau 
broke  the  story  on  our 
Web  site  on  the  Monday 
morning  our  print  edition 
was  hitting  the  streets: 

HP  World  had  been  can¬ 
celed  the  day  before,  and 
Interex  was  shutting  down 
[QuickLink  55630].  Why 


)N  tennant  is  editor  i 
chief  of  ComputerWork 
ou  can  contact  him  at 

aonjermanm  ; 


decision  to  go  it  alone 
was  based  on  wishful 
thinking,  blind  stubborn¬ 
ness  or  a  combination  of 
the  two.  The  desire  to  re¬ 
tain  an  independent  user 
conference  was  com¬ 
mendable,  but  actually 
trying  to  do  it  was  proba¬ 
bly  shortsighted.  And 
blindsiding  its  member¬ 
ship  at  the  last  minute 
was  just  plain  stupid. 

So  now  all  eyes  are  on 


would  Interex  place  an  ad  to  attract 
registrations  to  HP  World  one  week, 
only  to  cancel  the  show  the  next? 
How  could  all  of  this  have  happened 
so  suddenly  and  without  warning? 

I  don’t  know  the  answer  to  either 
question.  But  I  do  know  that  this  is 
a  glaring  indication  of  some  pretty 
shoddy  management,  and  you  can’t 
blame  HP  for  that.  Many  people  will 
slam  HP  for  killing  HP  World  —  and, 
by  extension,  Interex,  since  the  event 
was  the  main  source  of  the  group’s 
revenue  —  by  starting  its  own  user 
conference  and  convincing  the  two 
other  top  independent  HP  user 
groups  to  support  it. 

But  no  one  can  argue  that  it  was 
HP  that  pulled  the  rug  out  from  un¬ 
der  Interex’s  members  last  week. 

The  Interex  leadership  did  that  it¬ 
self.  And  there’s  no  excuse  for  it. 

Interex  had  plenty  of  time  to  deter¬ 
mine  whether  holding  HP  World  was 
a  viable  proposition  at  all,  let  alone 
one  month  before  the  HP  Technolo¬ 
gy  Forum.  It  appears  now  that  the 


the  HP  Technology  Forum  to  be  held 
in  September.  Remember  last  week 
when  I  wrote  that  there’s  a  “schedul¬ 
ing  conflict”  that’s  going  to  prevent 
HP  CEO  Mark  Hurd  from  attending 
this  signature  HP  user  conference? 
Remember  how  I  noted  that  Hurd 


will  be  giving  a  keynote  at  Oracle 
OpenWorld  the  following  week  and 
how  I  found  it  peculiar  that  Hurd  was 
able  to  carve  out  the  time  to  speak  to 
Oracle’s  users  but  not  his  own?  Never 
mind.  Now  that  I’ve  had  another 
week  to  think  about  it,  I  find  it  not 
peculiar  but  absolutely  outrageous. 

In  the  week  since  then,  we’ve 
learned  that  the  rumors  were  true 
and  that  HP  is  indeed  undergoing  a 
major  restructuring  that  will  leave  it 
with  10%  fewer  workers  and  make 
the  Customer  Solutions  Group  —  the 
organization  responsible  for  selling 
to  corporate  and  government  users 
—  go  away.  It  seems  incomprehensi¬ 
ble  that  Hurd  would  fail  to  show  up 
at  this  key  inaugural  event  to  explain 
these  and  other  restructuring-related 
moves  to  his  users. 

If  Hurd  indeed  stays  away,  Ann 
Livermore,  the  executive  vice  presi¬ 
dent  who’s  slated  to  deliver  the  main 
keynote,  will  be  left  in  the  awkward 
position  of  having  to  explain  his  ab¬ 
sence.  I’d  hate  to  see  that  happen  to 
the  person  who  should  have  gotten 
the  nod  to  replace  Carly  Fiorina  in 
the  first  place.  O  55704 
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DAN  GILLMOR 

Intel  May 
Have  Itself 
To  Blame 

INTEL  ISN’T  the  world’s 
biggest  maker  of  micro¬ 
processors  for  nothing. 

Among  manufacturing  com¬ 
panies,  it  surely  ranks  among  the  most 
adept,  and  it  has  a  long  history  of  inno¬ 
vation. 

But  Intel  is  also  known  for  its  com¬ 
petitive  nature  —  a  rough  and  some¬ 
times  mean  style  that  has  always  come 
close  to  the  edge  of  what’s  acceptable. 
And  it’s  the  nastier  part  of  the  compa¬ 
ny’s  character  that’s  being,  once  again, 
called  sharply  to  account. 

The  latest  questions  or,  more  accu¬ 
rately,  accusations  have  surfaced  in  the 
form  of  a  lawsuit  recently  filed  by  Ad¬ 
vanced  Micro  Devices,  Intel’s  chief 
competitor.  I’ve  read 
the  complaint,  and 
this  is  serious  stuff. 

AMD  is  alleging  a 
host  of  offenses,  but 
the  case  boils  down 
to  whether  Intel  has 
used  illegal  or  mere¬ 
ly  nasty  tactics  to 
maintain  its  chip 
dominance.  If  the  al¬ 
legations  of  illegal 
behavior  are  true  — 
and,  needless  to  say, 

Intel  has  denied 
them  —  Intel  may  be 
in  some  real  trouble 
this  time. 

There  are  some  high  stakes  in  this 
battle,  and  not  just  for  Intel.  The  stakes 
for  IT  are  real  too.  If  AMD  prevails, 
computer  buyers  will  see  more  choices 
and  lower  prices. 

Which  is  not  to  say  that  price-cutting 
and  innovation  haven’t  been  occurring 
in  the  Intel  architecture.  Largely  thanks 
to  AMD,  both  have  occurred.  AMD’s 
64-bit  migration  strategy  —  helping 
customers  by  ensuring  that  32-bit  ap¬ 
plications  would  keep  working  —  and 
dual-core  processors  have  been  exam¬ 
ples  of  the  kind  of  leadership  for  which 
Intel  was  once  more  famous. 

Intel  isn’t  a  stranger  to  antitrust 
issues.  In  the  1990s,  it  stayed  pretty 
much  above  the  fray  as  Microsoft,  its 
partner  in  the  Wintel  alliance,  faced 
a  series  of  harsh  charges.  Intel  had 
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schooled  its  workers  to  avoid  saying 
and  doing  the  kinds  of  things  that  got 
Microsoft  in  such  trouble. 

Indeed,  people  I  talked  with  at  Intel 
during  the  epic  Microsoft  trial  were 
baffled  that  the  software  giant  seemed 
not  only  to  have  no  serious  internal 
policies  to  avoid  such  trouble,  but  also 
that  Microsoft  executives  were  so  fla¬ 
grantly  dismissive  of  government  offi¬ 
cials  and  their  duties. 

Intel’s  sensitivity  had  shone  through 
in  another  way.  At  one  point,  the  com¬ 
pany  backed  away  from  what  seemed 
to  be  a  push  to  dominate  the  mother¬ 
board  market  as  it  had  done  with  chips. 
I  had  always  assumed  that  Intel,  al¬ 
ready  immensely  profitable  and  pow¬ 
erful,  had  done  this  largely  to  avoid 
any  antitrust  complications. 

Microsoft,  in  the  end,  avoided  seri¬ 
ous  sanctions  for  its  behavior.  The 
Bush  administration,  in  its  odious  deal 
with  the  software  company,  all  but  an¬ 
nounced  that  monopolists  could  get 
away  with  just  about  anything  on  its 
watch.  I  wonder  if  Intel  concluded  that 
it,  too,  now  had  a  free  pass.  If  so,  the 
chip  maker  may  have  made  a  mistake. 

Antitrust  law  is  evolving  at  a  fairly 
rapid  pace  these  days,  and  there  are  le¬ 
gitimate  questions  about  whether  it’s 
appropriate  in  a  fast-moving  industry 
like  technology.  I  believe  it  is,  but 
there’s  at  least  a  solid  intellectual  argu¬ 
ment  that  hard-nosed  enforcement 
may  deter  innovation. 

I  believe  Intel  would  be  better  off  if 
it  acted  as  if  strong  enforcement  was 
going  to  occur  no  matter  what.  Tough 
but  honorable  competition,  not  knife 
fights,  should  be  the  heartbeat  of  capi¬ 
talism.  ©  55479 

DAVID  BOWES 

On-the-Job 
Seasoning  of 
An  IT  Pro 

LIKE  MOST  IT  managers, 

I  always  aimed  to  create 
a  bottom-line  impact 
through  the  use  of  technology, 

reduce  the  mystery  surrounding  IT 
and  adopt  standard  business  manage¬ 
ment  techniques.  Unfortunately,  these 
efforts  generally  didn’t  have  the  in¬ 
tended  result.  Most  CEOs  still  don’t 
seem  to  grasp  the  potential  of  business 
transformation  coupled  with  IT.  But 
this  is  our  fault  as  much  as  theirs. 


What  can  we  do  to  reme¬ 
dy  this  situation?  The  an¬ 
swer  lies  in  training,  but  I’m 
talking  about  something 
more  than  a  class  for  your 
business  executives  to  learn 
how  to  use  a  spreadsheet. 

I’m  talking  about  a  wide¬ 
spread  learning  environment 

—  a  culture  of  learning. 

Of  all  the  manufacturing 

and  distribution  firms  I’ve 
worked  for,  only  one  suc¬ 
cessfully  created  a  learning 
environment  for  all  its  se¬ 
nior  managers  that  became 
the  prism  through  which  we  managed 
staff  and  related  to  one  another.  This 
100-year-old  food-processing  company 
has  always  believed  that  things  should 
be  done  the  right  way.  It  doesn’t  shy 
away  from  change  and  feels  that  it’s 
fair  to  ask  new  senior  managers  to 
learn  about  the  company  before  direct¬ 
ing  their  employees  to  follow  them 
into  uncharted  waters.  In  fact,  all  em¬ 
ployees  learned  the  company  culture 
by  receiving  on-the-job  training. 

New  managers  had  to  spend  four 
months  away  from  home,  trimming 
and  tying  meat,  coating  poultry  with 
spices,  loading  cooking  trees,  unload¬ 
ing  metal  containers  of  cooked  product 

—  performing  the  majority  of  the  most 


laborious  jobs  in  the  plant 
under  demanding  condi¬ 
tions  for  10  hours  each  day. 
We  ate  our  lunch  with 
everyone  in  the  cafeteria. 
All  of  our  experiences  were 
recorded  weekly  for  peer 
review  and  suggestion. 

I  completed  the  hands- 
on  training  but  didn’t  fully 
appreciate  the  lessons 
learned  until  one  year  later, 
when  assembling  an  ERP 
request  for  proposals.  My 
time  on  the  factory  floor 
helped  me  understand  how 
those  operations  could  benefit  from  a 
properly  implemented  ERP  system. 

For  example,  line  personnel  wanted  to 
see  how  their  efforts  in  total  produc¬ 
tion  and  scrap  containment  compared 
with  those  of  other  plants  in  order  to 
promote  best  practices  that  worked; 
facilities  managers  dreamed  of  a  glob¬ 
al  spare-parts  inventory  that  could  be 
queried  using  multiple  word  combina¬ 
tions,  parts  characteristics  or  parts  di¬ 
mensions  to  avoid  unnecessary  pur¬ 
chases  and  speed  the  right  parts  to  a 
machine;  and  management  wanted  to 
know  more  about  retail-store  case 
temperatures  and  storage  practices 
compared  with  our  internal  standards 
by  using  a  passive  data-gathering 


process  that  our  distributors  used. 
Having  worked  alongside  all  these 
people,  I  didn’t  have  to  guess  what 
would  be  beneficial  for  them  and  pro¬ 
vide  value-add  for  the  company. 

But  as  I  said,  I’ve  worked  for  only 
one  company  that  pursued  this  sort  of 
training.  Still,  I  think  all  managers 
should  understand  the  ins  and  outs  of 
many  of  the  routine  procedures  within 
their  organizations  and  take  the  time 
to  perform  these  tasks.  If  your  compa¬ 
ny  doesn’t  provide  this  type  of  train¬ 
ing,  ask  your  human  resources  direc¬ 
tor  and  your  boss  if  you  can  help  de¬ 
sign  a  program.  Then  let  others  know 
what  you’re  doing  so  that  they  begin 
to  see  the  value  of  this  sort  of  train¬ 
ing.  And  carry  this  thinking  into  other 
areas;  if  a  business  re-engineering 
project  is  planned,  for  example,  be 
sure  to  perform  hands-on  training 
beforehand. 

In  the  end,  you  will  be  better  able  to 
identify  and  project  the  positive  effects 
of  IT  because  you  will  have  a  much 
clearer  appreciation  of  your  firm’s  true 
identity  and  what  your  users  really 
need.  ©  55563 
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Training  Key  to  Improved  E-mail  Security 

i 


N  THE  article  "Trojan  E-mails 

Suggest  Trend  Toward  Targeted 
Attacks"  [QuickLink  55083],  you 
quote  a  security  analyst  as  saying 
that  organizations  that  follow  best 
practices  in  regard  to  e-mail  securi¬ 
ty  should  not  be  concerned  with 
this  new  threat.  This  advice  is  flat 
wrong!  Updated  antivirus  signa¬ 
tures,  attachment  filtering  and  anti¬ 
spam  measures  aren’t  enough  to 
identify  and  mitigate  this  risk.  I  have 
been  involved  in  a  network  penetra¬ 
tion  test  that  targeted  individuals 
using  spoofed  e-mail  and  Web 
pages.  We  were  successful  in  col¬ 
lecting  authentication  credentials 
from  over  90%  of  users.  These  cre¬ 
dentials  included  network,  data¬ 
base  and  VPN  passwords  and  user 
IDs,  which  was  enough  for  us  to  re¬ 
motely  gain  access  to  all  of  the  data 
we  wanted,  completely  undetected! 

The  ultimate  solution  is  not  sim¬ 
ply  updating  your  antivirus  or  apply¬ 
ing  some  magical  server  patch. 
There  are  only  two  ways  to  mitigate 


this  risk:  better  user  training  and 
strong  authentication  methods 
(such  as  biometrics  and  smart 
cards).  You  can  have  the  strongest 
network,  firewall  and  intrusion  de¬ 
tection  in  the  world,  but  as  long  as 
legitimate  users  are  standing  at  the 
gates  handing  out  their  keys,  then 
you  will  never  have  true  security. 
Jason  Jones 
Webmaster, 

Dallas  Baptist  University, 
webmaster@dbu.edu 

Most  Identity  Theft 
Occurs  Off-line 

Bruce  schneier,  chief  tech¬ 
nology  officer  at  Counterpane 
Internet  Security  Inc.,  says  that 
shredding  your  trash  “is  completely 
obsolete  advice”  [“Hackers  Score 
Big  by  Thinking  Small,  Experts 
Say,”  QuickLink  55151],  He  and  I 
must  be  reading  different  sources. 
While  there  has  been  an  uptick  in 


identity  theft  via  computers  just  with¬ 
in  recent  months,  more  than  85% 
of  identity  theft  still  occurs  from 
sources  that  are  not  online.  Shred¬ 
ding  your  trash  is  still  sound  advice. 
Michael  Quigley 
AS/400  programming 
section  coordinator, 

New  Knoxville,  Ohio 
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Gates  Is  a  Mystery 

AM  CONFUSED!  First  Bill  Gates 
bangs  the  table  for  more  H-IBs, 
and  now  this  [“Gates  Warns 
Against  Reliance  on  Outsourcing,” 
QuickLink  a6570].  Does  he  or  does 
he  not  want  American  engineers 
and  IT? 

James  Murphy 

North  Hills,  Calif. 


Apple  Doesn’t  ‘Tie’ 

YOU  SHOULD  TALK  to  an  anti¬ 
trust  lawyer  before  you  run  an 
article  accusing  Apple  of  “tying" 
[“Mac  OS  on  a  Dell?  Dell  in  Favor, 
Apple  Opposed,”  QuickLink 


a6540].  Tying  is  illegal  only  if  the 
company  has  some  degree  of  mar¬ 
ket  power.  For  example,  Microsoft 
was  sued  for  tying  Internet  Explorer 
to  Windows  because  it  had  such  a 
dominant  position  in  the  operating 
systems  market.  Apple,  with  rela¬ 
tively  small  market  share  in  hard¬ 
ware  or  operating  systems,  could 
probably  not  be  sued  successfully 
for  tying  under  antitrust  law. 
Jonathan  Lamberson 
Student,  Harvard  Law  School, 
Cambridge,  Mass. 

C0MPUTERW0RLD  welcomes 
comments  from  its  readers.  Letters 
will  be  edited  for  brevity  and  clarity. 
They  should  be  addressed  to 
Jamie  Eckle,  letters  editor,  Com- 
puterworld,  P0  Box  9171, 1  Speen 
Street,  Framingham,  Mass.  01701. 
Fax:(508)879-4843.  E-mail: 
letters@computerworld.com. 
Include  an  address  and  phone 
number  for  immediate  verification. 
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David  bowes  has  over 
20  years  of  diverse 
customer-focused  IT 
management  and  con¬ 
sulting  experience.  You 
can  contact  him  at 
dbowes@optonline.net. 
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portfolio  of  wireless 
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24/7  enterprise-grade 
support.  And  a  service 
staff  dedicated  solely  to 
business  people. 
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helped  FedEx 
deliver  absolutely,  positively  faster. 


Cingular  connected  the 
FedEx  Ground  package 
tracking  system  to 
the  ALLOVER™ network, 
the  largest  digital  voice 
and  data  network 
in  America.  FedEx 
customers  can  now 
track  their  packages 
online  in  real-time.  For  FedEx,  Cingular  delivers  faster,  more  cost- 
effective  tracking  updates  and  even  greater  customer  satisfaction. 


CINGULAR  MAKES  BUSINESS  RUN  BETTER 

X  cingular 
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Find  out  how  Cingular  can  make  your  business  run  better: 

CALL  your  account  representative  -or-  CLICK  cingular.com/businessleader 


Circular's  ALLOVER  data  network  covers  over  250  million  people  and  is  growing. 

Coverage  is  not  available  in  all  areas.  Global  coverage  based  on  coverage  in  174  countries.  Fastest  claim  compares  Cingulads  measured  speed  of  its  EDGE 
network  to  other  carriers'  speed  claims  for  their  national  data  networks.  All  marks  property  of  their  respective  owners.  ©2005  Cingular  Wireless.  All  rights  reserved. 


Health  Services 

IT  leaders  at  health  care  organizations, 
such  as  Furrukh  Khan  at  Ohio  State  Uni¬ 
versity  Medical  Center  (right),  are  using 
Web  services  to  move  information 
among  disparate  systems  and,  ultimate¬ 
ly,  improve  patient  care.  Page  26 


SECURITY  MANAGER'S  JOURNAL 

Getting  Started  on 
Database  Security 

C.J.  Kelly  takes  a  look  at  the  secur¬ 
ity  of  her  employer’s  information 
assets  and  realizes  that  the  applica¬ 
tion  layer  is  the  weak  link.  Page  32 


QUICKSTUDY 

RATs 

Remote  administration  Trojans 
are  pieces  of  malicious  software 
that  let  intruders  remotely  con¬ 
trol  computers  across  a  network 
or  through  the  Internet.  Page  34 


The  list  could  go  on  and  on.  And  the 
problem,  it  seems,  is  only  getting  worse. 
According  to  one  oft-quoted  number 
from  the  National  Institute  of  Stan¬ 
dards  and  Technology,  flawed  software 
cost  the  U.S.  economy  $60  billion  in 
2002.  No  one  doubts  that  the  number 
is  even  higher  today. 

Bad  software  plagues  nearly  every 
organization  that  uses  computers, 
causing  lost  work  hours  during  com¬ 
puter  downtime,  lost  or  corrupted 
data,  missed  sales  bpportunities,  high 
IT,  support  and  maintenance  costs,  and 
low  customer  satisfaction. 

In  frustration.  CIOs  are  taking  a  hard 
look  at  how  bugs 
;et  into  the  appli¬ 
cation  develop¬ 
ment  process 
and  why  they 
seem  to  be  so 


By  using  applica¬ 
tion  life-cycle 
management,  some 
companies  are  try¬ 
ing  to  exterminate 
software  bugs  and 
reduce  the  costs 
they  incur. 

By  Sue  Hildreth 


THE  HORROR  STORIES 
HAVE  BECOME  ALL 
TOO  FAMILIAR: 

■  In  April,  a  software  glitch  resulted  in 
the  loss  of  thousands  of  dollars  for  US 
Airways  Group  Inc.  when  some  tickets 
were  mistakenly  priced  at  $1.86. 

■  In  the  latest  U.S.  presidential  elec¬ 
tion,  reports  of  incorrect  tallies  surfaced 
in  several  districts  that  Were  using  new 
computerised  voting  machines. 

- . . . 

■  A  softvuare  bug  apparently 
caused  the  largest  power  out¬ 
age  in  North  America,  the 
Northeast  blackout  b'f  August 
2003,  which  threw  millions 
of  people  into  dark¬ 
ness. 
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Know  what  RUP,  CMM  or  XP  mean?  Here’s  a  quick  lesson 
on  development  methodologies. 

There  are  a  handful  of  well-known  methodologies  in  software  devel¬ 
opment  circles.  One  common  one  is  IBM  Rational's  RUP,  or  Rational 
Unified  Process,  a  framework  that  includes  both  best  practices  and 
technology  tools  and  that  identifies  four  phases  of  application  develop¬ 
ment:  inception,  elaboration,  construction  and  transition.  An  extension 
to  RUP  called  the  Enterprise  Unified  Process,  created  by  Scott 


Ambler  of  Ronin  International  Inc.,  adds  two  phases:  production  and  re¬ 
tirement. 

Another  standard  is  the  Software  Engineering  Institute’s  Capability 
Maturity  Model  Integration,  an  update  to  the  SEI's  original  Capa¬ 
bility  Maturity  Model.  CMMI  promotes  the  notion  of  cyclical  feedback 
and  improvement  as  a  characteristic  of  a  top-quality  IT  organization. 
CMMI  defines  five  levels  of  software  process  maturity  ranging  from  Lev¬ 
el  1  (initial),  characterized  by  ad  hoc  methods  and  unpredictable  results, 
to  Level  5  (optimized),  when  the  organization  has  measurable,  continu¬ 
ous  process  improvement.  One  other  well-known  practice  is  Extreme 
Programming,  or  XP,  which  also  stresses  iterative  development, 
constant  testing  and  collaborative  development. 

Iterative  development  is  a  key  issue,  says  Joshua  Barnes,  a  consul¬ 
tant  at  Ajilon  LLC  in  Jacksonville,  Fla.  Unlike  the  “waterfall”  approach, 
in  which  a  project  progresses  from  stage  to  stage,  iterative  develop¬ 
ment  lets  successive  increments  of  the  project  go  though  the  cycles, 
allowing  for  constant  feedback  and  course  corrections.  “It’s  never  ben¬ 
eficial  to  use  a  waterfall  approach,  in  my  opinion,”  says  Barnes.  But  the 
iterative  methodology  is  a  cultural  change  and  is  often  challenging  for 
people  to  follow,  he  says. 

-Sue  Hildreth 


hard  to  prevent.  The  consensus:  It’s 
not  one  specific  failure  but  a  series  of 
disconnects  and  miscommunications 
among  the  IT  specialists  involved  in 
the  planning,  development,  testing  and 
maintenance  of  each  application. 

The  problem,  say  those  who  study 
bad  software,  is  a  failure  to  manage  the 
life  cycle  of  software  and  recognize 
that  any  effort  to  improve  software  qual¬ 
ity  must  span  all  of  the  stages  of  the 
application’s  life,  from  initial  planning 
to  postdeployment  and  maintenance. 

Berkshire  Life  Insurance  Company 
of  America,  a  subsidiary  of  The 
Guardian  Life  Insurance  Company  of 
America  in  New  York,  has  been  exam¬ 
ining  ways  to  improve  quality  through¬ 
out  the  application  life  cycle. 

“In  the  past  year,  we  have  looked  at 
our  development  process,  at  our  re- 
quirements-gathering  methodology 
and  at  the  way  we  monitor  systems,” 
explains  Sorin  Fiscu,  project  manager 
and  IT  rapid  application  development 
team  leader  at  Berkshire  Life. 

Fiscu’s  team  has  implemented 
changes  such  as  involving  the  quality 
assurance  (QA)  staff  in  the  early  plan¬ 
ning  stages,  soliciting  input  from  busi¬ 
ness  analysts  and  automating  more  of 
the  testing  phase.  These  changes  have 
enabled  the  company  to  meet  or  ex¬ 
ceed  two  of  its  goals  for  postdeploy¬ 
ment:  application  availability  and  over¬ 
all  user  satisfaction  with  the  applica¬ 
tion. 

One  of  the  first  steps  in  the  develop¬ 
ment  of  an  application  at  Berkshire 
Life  is  bringing  business  users  and  IT 
together  to  agree  upon  the  functional 
specifications  of  the  application,  list¬ 
ing  every  feature  and  function  that  the 


business  users  need,  from  the  flow  of 
screens  to  the  names  of  data  fields. 

“It’s  a  very  detailed  picture  of  the 
application  and  how  it  will  be  used,” 
says  Fiscu.  “The  key  is  to  get  every¬ 
body  talking  upfront.  Testers,  analysts 
and  developers  need  to  communicate 
as  much  as  possible.” 

The  basic  goals  of  application  life- 
cycle  management  (ALM)  are  fairly 
straightforward.  They  include  ensur¬ 
ing  adequate  communication  between 
the  teams  responsible  for  each  stage 
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and  preventing  errors  from  progress¬ 
ing  through  the  cycle,  since  it  costs 
more  to  fix  errors  later  in  the  develop¬ 
ment  process  than  at  the  beginning. 

“The  life  cycle  may  appear  obvious, 
but  most  organizations  —  close  to  about 
90%  —  do  not  know  how  to  effectively 
manage  the  life  cycle,”  asserts  Theresa 
Lanowitz,  an  analyst  at  Gartner  Inc.  “If 
the  life  cycle  was  truly  embraced  with 
the  right  people,  process  and  technolo¬ 
gies,  we  would  see  better-quality  soft¬ 
ware  and  more  efficient  and  effective  IT 
organizations.  As  it  is,  most  IT  organi¬ 
zations  waste  quite  a  bit  of  their  bud¬ 
get  because  they  have  bad  business 
practices,  fail  to  deliver  on  require¬ 
ments  and  fail  to  manage  projects  to 
meet  schedule,  cost  and  quality  goals.” 

Quality  From  the  Start 

Establishing  clear  communication 
channels  among  developers,  testers 
and  the  business  users  is  critical  to 
successful  life-cycle  management.  This 
needs  to  be  made  part  of  the  process 
during  the  planning  stage. 

At  Staples  Inc.,  the  emphasis  is  on 
collaboration  among  everyone  in¬ 
volved  in  the  application’s  develop¬ 
ment,  testing  and  use,  according  to 
Kathy  Murray,  senior  manager  of  qual¬ 
ity  management  at  the  Framingham, 
Mass.-based  office  products  retailer. 

“We  meet  with  our  business  partners 
to  discuss  the  business  requirements, 
with  QA  there  as  well  so  they  under¬ 
stand  the  requirements,”  she  says.  “The 
more  time  we  spend  in  the  definition 
phase,  the  better  later  phases  go.  There 
are  studies  that  say  60%  to  70%  of  bugs 
are  introduced  during  the  definition 
stage,  and  we  find  that  to  be  true.” 


Poor  requirements  are  the  root  of 
most  QA  problems,  says  Arthur  Povlot, 
an  Atlanta-based  business  development 
manager  at  Tescom  Software  Systems 
Testing  Ltd.,  a  provider  of  QA  services. 
“Very  seldom  do  companies  imple¬ 
ment  quality  ‘gates’  at  the  require¬ 
ments  stage.  For  instance,  you  should 
have  the  requirements  audited  and 
signed  off  on  by  the  people  involved  — 
business  analysts,  marketing  managers, 
subject  matter  experts,  etc.,”  he  says. 

Programmers  tend  to  like  to  do 
things  their  own  way.  And  though  it’s 
probably  counterproductive  to  bog  de¬ 
velopers  down  with  red  tape,  it’s  nev¬ 
ertheless  a  good  idea  to  implement 
some  processes  and  procedures  for 
consistency  and  quality  control. 

Fiscu  highly  recommends  requiring 
developers  to  perform  specific  QA 
tests  on  their  code  before  handing  it 
off  —  bugs  and  all  —  to  the  QA  staff  to 
fix.  “Our  development  team  receives  a 
set  of  unit  test  scripts,  like  a  high-level 
checklist.  Development  is  done  only 
when  the  checklist  is  done,”  he  says. 
“This  way,  we  make  sure  we  don’t  push 
high-level  defects  from  development 
into  the  test  environment.” 

Another  common  difficulty  in  devel¬ 
opment  that  breeds  software  errors  is 
keeping  track  of  changes  and  versions. 
Configuration  management  and 
change  management  policies  and 
tools  help  enforce  a  standard  process 
for  creating  and  testing  code. 

American  Greetings  Corp.  in  Cleve¬ 
land,  for  instance,  relies  on  AllFusion 
Change  Manager  from  Computer  As¬ 
sociates  International  Inc.  to  track 
changes  to  its  code  throughout  the  de¬ 
velopment  process  and  enforce  com¬ 
pany  standards  for  development. 

“Someone  can’t  decide  to  use  a  dif¬ 
ferent  compiler,  for  instance,  or  skip 
a  test,  because  it’s  all  built  into  the 
process”  in  AllFusion,  says  Tom 
Brown,  software  manager  at  American 
Greetings.  “To  manage  the  life  cycle 
means  to  keep  the  source  code  as  cur¬ 
rent  and  consistent  as  far  as  the  type  of 
processes  and  compilers  that  we  used.” 

Testing  and  More  Testing 

While  developers  should  do  some  ear¬ 
ly  testing  as  they  go,  a  full-blown  test¬ 
ing  process/department  is  crucial  to 
finding  and  fixing  bugs.  After  develop¬ 
ers  pass  off  the  code,  it  should  be  sub¬ 
jected  to  a  variety  of  thorough  checks, 
including  functional  testing  to  evaluate 
the  flow  and  functional  correctness  of 
the  program,  integration  testing,  per¬ 
formance  testing,  security  testing,  and 
regression  testing  of  updates  and 
changes  to  a  program. 
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The  Chicago  Board  of  Trade  per¬ 
forms  a  number  of  manual  and  auto¬ 
mated  tests  on  applications,  including 
unit  testing  by  developers,  performance 
testing  using  QACenter  from  Compu- 
ware  Corp.  and  user-acceptance  testing 
or  functional  testing  by  the  traders  and 
brokers  who  will  use  the  software. 
CBOT  also  tests  with  an  eye  toward 
growth  and  heavier  traffic  in  the  future. 

“We  are  proactive,  not  reactive,  so 
we  test  for  future  loads  the  systems 
may  experience,”  says  David  Burkhart, 
director  of  quality  assurance  at  CBOT. 

Because  of  limits  on  time,  technolo¬ 
gy  and  human  capabilities,  even  the 
most  sensitive,  mission-critical  sys¬ 
tems  can’t  be  tested  to  100%  assurance. 
The  question  becomes  one  of  how 
many  tests  to  make  and  how  much 
time  to  take.  Povlot  advises  creating 
test  cases  for  100%  of  the  application’s 
most  critical  requirements.  (Test  cases 
are  lists  of  the  input  and  expected  re¬ 
sponses  needed  to  test  a  particular  fea¬ 
ture.)  Overall,  he  says,  you  should  be 
testing  90%  of  all  requirements. 

Automated  tools  can  help  speed  test 
planning  and  execution,  especially  for 
regression  testing.  “We’ve  decreased 
our  test  cycle  man-hours  by  50%,  en¬ 
abling  us  to  increase  test  coverage  by 
300%,”  says  Murray,  who  credits  the 
improvement  to  Staples’  use  of  SilkTest 
by  Segue  Software  Inc.  and  StarTest 


from  Star  Quality  in  Hopkinton,  Mass. 

Berkshire  Life  Insurance  uses  Em- 
pirix  Inc.’s  e-Test  Suite  to  manage  the 
testing  process  and  speed  regression 
testing.  “The  more  enhancements  we 
added,  the  more  time  the  regression 
phase  of  testing  took.  Now  automation 
frees  up  resources  and  also  ensures 
consistency,”  says  Fiscu. 

Closing  the  Loop 

Once  deployed,  an  application  must  be 
monitored  and  maintained.  Soon,  up¬ 
dates  to  the  software  will  begin  a  fresh 
application  life  cycle,  so  information 
collected  during  production  must  be 
fed  back  into  the  requirements  plan¬ 
ning  of  the  next  rendition. 

That  is  the  strategy  that  The  Dow 
Chemical  Co.  in  Midland,  Mich.,  fol¬ 
lows.  Dow’s  IT  staff  runs  a  variety  of 
test  scripts  on  new  applications,  using 
LoadRunner  from  Mercury  Interactive 
Corp.  After  deployment,  many  of  those 
scripts  are  run  again,  this  time  using 
one  of  Mercury’s  monitoring  packages 
—  Topaz  or  SiteScope  —  to  compare 
the  results.  Should  a  problem  with  the 
application  be  detected,  the  operations 
staff  at  Dow  conducts  an  incident- 
review  process  to  determine  the  cause. 

“Then  we  send  that  information 
back  to  development,  or  to  the  infra¬ 
structure  or  service  teams,  to  make 
the  appropriate  changes,”  says  Rich 


We  are  proac¬ 
tive,  not  reactive, 
so  we  test  for  future 
loads  the  systems  may 
experience. 

DAVID  BURKHART, 
DIRECTOR  OF  QUALITY  ASSURANCE, 
CHICAGO  BOARD  OF  TRADE 


Guidotti,  lead  architect  specialist  in 
Dow  Chemical’s  information  systems 
group. 

CBOT  also  uses  Compuware  moni¬ 
toring  software  to  catch  problems. 

“We  close  the  loop  after  it  goes  into 
production.  If  something  happens  once 
it’s  in  production,  we’ll  have  a  meeting 
to  discuss  it,  and  that  feedback  goes 
directly  to  QA,”  says  Burkhart. 

A  wide  range  of  vendors  has  prod¬ 
ucts  for  one  or  more  stages  of  the  life 
cycle.  A  few  are  beginning  to  assemble 
suites  aimed  at  being  complete  life- 
cycle  management  systems.  IBM’s 
Rational  unit  provides  an  end-to-end 
product  line,  ranging  from  its  Requi- 
sitePro  for  gathering  requirements, 
modeling  tools  and  testing  tools  to 
the  postdeployment  monitoring  and 
maintenance  products  of  IBM’s  Tivoli 
software. 

Likewise,  Mercury,  Compuware,  CA 
and  Segue  Software  all  either  purport 


to  or  plan  to  expand  their  product  cov¬ 
erage  to  hit  every  major  phase  of  the 
application  life  cycle. 

Although  an  integrated  platform 
might  be  an  ideal,  the  current  reality  is 
that  organizations  must  select  various 
products  from  different  vendors  to  au¬ 
tomate  portions  of  the  life  cycle,  such 
as  requirements  management,  automat¬ 
ed  functional  testing  and  postdeploy¬ 
ment  monitoring.  Some  offer  interfaces 
to  complementary  products,  but  many 
do  not,  or  at  least  not  to  every  one  a 
customer  may  happen  to  own. 

But  life-cycle  management  is  as 
much  a  matter  of  processes  as  it  is  the 
automated  technology  tools  used  to 
support  it.  So,  integrated  platform  or 
not,  say  experts,  the  goal  of  ALM  is  to 
minimize  errors  and  omissions  and  in¬ 
crease  the  quality  of  the  product. 

Or,  as  CBOT’s  Burkhart  says,  it’s  a 
matter  of  learning  from  past  mistakes 
and  not  reliving  them  in  each  new  cycle 
of  the  application.  “One  of  my  underly¬ 
ing  goals  is  to  never  repeat  a  mistake,” 
he  says.  “Everyone  makes  mistakes;  if 
they  didn’t,  we  wouldn’t  need  to  test 
anything.  But  we  strive  to  have  quality 
processes  in  place  to  prevent  us  from 
repeating  mistakes.”  ©  55496 


Hildreth  is  a  freelance  writer  in 
Waltham,  Mass.  She  can  be  reached 
at  Sue.Hildreth@comcast.net. 
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ospital  IT  infrastruc¬ 
tures  form  a  complex 
transactional  environ¬ 
ment  in  which  pulling 
applications  and  infor¬ 
mation  together  can 
be  not  just  mission-critical,  but  also  a 
matter  of  life  and  death. 

Entrenched  proprietary  systems  store 
patients’  clinical,  radiological,  demo¬ 
graphic  and  billing  information  as  text, 
images  and  voice-annotated  reports. 
That  information  must  be  dealt  with  in 
accordance  with  strict  clinical  priorities 
and  federal  regulations.  An  increasing 
number  of  health  care  organizations  are 
using  Web  services  and  service-orient¬ 
ed  architectures  to  make  critical  con¬ 
nections  in  their  information  systems. 

“We  are  building  SOAs  and  Web  ser¬ 
vices  that  will  not  only  integrate  differ¬ 
ent  systems,  but  also  take  care  of  the 
hospital’s  rules  —  a  heart  operation 
cannot  be  performed  on  the  second 
floor,  or  anesthesia  equipment  cannot 
be  located  in  the  cafeteria,  for  exam¬ 
ple,”  says  Furrukh  Khan,  director  of  the 
Collaborative  for  Applied  Software 
Technology  at  Ohio  State  University 
Medical  Center  in  Columbus. 

Khan  and  his  staff  have  developed  a 
Microsoft  .Net-based  SOA  that  in¬ 
cludes  Web  services  for  connecting 
hospital  monitoring  equipment  to 
back-end  databases.  Since  .Net  licenses 
were  already  in  place,  the  Web  ser¬ 
vices  were  developed  for  very  little 
cost,  Khan  explains. 

Using  Microsoft  Indigo  and  Micro¬ 
soft  Web  Services  Enhancements  for 
.Net,  which  provide  standards-based  se¬ 
curity  and  other  features  to  the  Visual 
Studio  .Net  and  .Net  frameworks,  Khan 
and  his  staff  have  linked  anesthesia  sys¬ 
tems  with  the  hospital’s  location  ser¬ 
vices,  which  are  stored  in  a  McKesson 
Corp.  hospital  information  system. 

As  a  result,  physicians  and  other  au¬ 
thorized  users  can  view  a  patient’s 
picture  and  vital  signs  remotely  on  a 
Web  browser,  says  Khan. 

Without  Web  services,  the  task  of  in¬ 
tegrating  patient  data  in  the  clinical 
and  departmental  systems  scattered 
throughout  hospital  facilities  has  been 


monumental,  say  hospital  CIOs. 

“I  have  clinical  software  from  17  ven¬ 
dors.  All  you’re  really  trying  to  do  is 
service  the  organization  and  doctors, 
but  it’s  a  terrible  struggle  to  get  infor¬ 
mation  between  the  different  electron¬ 
ic  environments,”  says  John  Wade,  vice 
president  and  CIO  at  Saint  Luke’s 
Health  System  Inc.  in  Kansas  City,  Mo. 

Saint  Luke’s  uses  systems  from  mul¬ 
tiple  hospital  software  vendors,  and 
even  with  in-house  programming  staff 
and  funds  at  his  disposal  for  integra¬ 


tion  projects,  Wade  says  it’s  still  very 
difficult  to  get  information  from  one 
electronic  environment  to  another. 

For  example,  the  hospital  has  devel¬ 
oped  a  custom  XML-based  application 
for  its  Web  portal.  Called  Post-It  Note, 
the  application  translates  Dictaphone 
voice  into  data  to  allow  physicians  to 
view  and  annotate  a  radiologist’s 
voice-based  report  on  a  Web  browser. 
The  patient  data  resides  in  a  system 
from  San  Francisco-based  McKesson. 
The  use  of  XML  has  made  the  applica¬ 


tion  a  service  that’s  accessible  to  a  va¬ 
riety  of  systems,  says  Wade. 

Part  of  the  difficulty  in  making  infor¬ 
mation  available  to  multiple  systems 
has  been  the  need  to  comply  with 
entrenched  hospital  data-transaction 
standards  such  as  the  Health  Level  7 
protocol.  HL7  is  used  for  interdepart¬ 
mental  patient-data  transactions 
among  clinical  systems,  including  hos¬ 
pital  information  systems  and  radiolo¬ 
gy,  laboratory  and  cardiology  systems. 
However,  custom  programming  has 


Web  services  and  SOAs  are  helping  health  care 
companies  integrate  systems,  save  money  and 
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often  been  required  to  integrate  hospi¬ 
tal  systems  that  use  HL7  with  systems 
that  don’t  use  the  protocol  —  essential¬ 
ly  any  software  that’s  not  health-care- 
specific,  including  reporting  and  billing 
applications.  As  a  result,  hospitals  can 
have  hundreds  of  HL7  interfaces 
among  systems  that  trade  basic  patient 
data,  according  to  hospital  IT  officials. 

Hospital  enterprise  application  ven¬ 
dors  have  had  to  provide  interfaces 
and  consulting  services  to  their  cus¬ 
tomers  to  ensure  that  all  systems  work 
together.  However,  this  is  cumbersome 
and  isn’t  achieving  true  integration,  ac¬ 
cording  to  Barry  Runyon,  an  analyst  at 
Gartner  Inc.  in  Stamford,  Conn. 

“Hospitals  are  a  heterogeneous  envi¬ 
ronment  with  regard  to  platforms  and 
applications,  and  by  passing  around 
HL7  to  10  different  systems,  they  don’t 
integrate;  they  interface,”  says  Runyon. 
“Integration  is  far  more  intimate  and 
requires  knowledge  of  workflow,  as 
well  as  a  security  model  and  other 
specifications.” 

More  difficulty  has  arisen  because 
vendors  have  been  slow  to  relinquish 
their  captured  customer  bases  by  mak¬ 
ing  their  applications  easier  to  inte¬ 
grate  with  competing  systems.  Even 
when  two  systems  support  HL7,  IT 
staffers  have  had  to  create  custom  in¬ 
terfaces  to  make  them  work  together. 

“Hospital  system  vendors  don’t  play 


well  with  others,”  says  Ken  Thomson, 
chief  architect  at  the  University  of 
North  Carolina  Health  Care  System  in 
Chapel  Hill.  “If  you  want  to  integrate 
their  software  with  lots  of  other  sys¬ 
tems,  you’re  out  of  luck.  We  developed 
our  own  XML-based  facades  to  their 
applications.  They’re  starting  to  realize 
they’re  never  going  to  own  the  space. 

In  the  end,  the  customer  will  be  the 
800-pound  gorilla  that  changes  this, 
because  they  need  direct  access  to 
those  applications.” 

At  Boston-based  CareGroup  Health¬ 
care  System,  Web  services  technology 
has  provided  an  efficient  means  of 
making  diverse  systems  work  together, 
says  John  Halamka,  CIO  of  the  four- 
hospital  network.  Using  development 
products  that  were  already  in  place, 
Halamka’s  staff  built  an  XML-based 
application  called  Care  Web  to  link 
12,000  users  on  146  internal  clinical  in¬ 
formation  systems  —  including  labora¬ 
tory,  radiology  and  pharmacy  systems 
—  across  the  organization. 

“Web  services  are  the  glue  that  you 
can  use  to  create  a  virtual  system,”  says 
Halamka,  who’s  also  a  Computerworld 
columnist.  “If  you  want  to  achieve 
seamless  data  integration,  you  can 
make  your  infrastructure  one  gigantic 
system  or,  cheaper  and  faster,  you  can 
use  Web  services.” 

Health  care  has  lagged  behind  other 


industries  in  implementing  SOAs,  for 
both  budgetary  and  historic  reasons. 

IT  budgets  in  the  sector  are  a  fraction 
of  those  in  other  industries.  To  make 
matters  worse,  HL7  didn’t  include 
XML  support  until  this  past  May. 
Moreover,  the  industry  groups  behind 
Integrating  the  Healthcare  Enterprise 
(IHE),  a  7-year-old  project  of  the 
Healthcare  Information  and  Manage¬ 
ment  Systems  Society  and  the  Radiolo¬ 
gy  Society  of  North  America,  are  just 
now  planning  to  include  XML  schemas 
in  the  framework. 

Waiting  for  Standards 

IHE  officials  say  they  have  been  wait¬ 
ing  for  standards  bodies  such  as  the 
World  Wide  Web  Consortium  and  the 
Organization  for  the  Advancement  of 
Structured  Information  Standards  to 
settle  on  security,  identity,  manageabil¬ 
ity  and  other  issues  before  including 
full-blown  Web  services  definitions  in 
its  framework. 

“Even  though  there  is  no  current 
work  being  done  within  IHE,  Web 
services  are  in  our  road-map  vision. 
The  key  issue  is  the  lack  of  mature 
health  care  standards  specifications 
for  Web  services,”  says  Glen  Marshall, 
co-chairman  of  the  IHE’s  infrastruc¬ 
ture  planning  committee  and  IT  archi¬ 
tect  at  Siemens  Medical  Solutions  in 
Malvern,  Pa. 


For  their  part,  vendors  say  they’re 
working  on  the  problem  as  their  cus¬ 
tomers’  IT  infrastructures  grow  more 
complex  and  the  need  increases  for 
customizable  XML  interfaces  that  sup¬ 
port  hospital  workflow  models. 

“With  Web  services,  we’re  giving 
our  customers  a  more  predictable,  reli¬ 
able  means  to  integrate  our  software 
without  needing  programmers  to  do 
the  heavy  lifting,”  says  Michael 
Solomon,  chief  architect  at  IDX  Sys¬ 
tems  Corp.  in  South  Burlington,  Vt. 
“This  requires  an  investment  by  the 
vendors,  who  have  to  figure  out  how  to 
‘expose’  their  applications,  and  that’s 
not  easy  to  do,  either  culturally  or 
philosophically.” 

As  it  stands,  hospitals  are  forced  to 
rely  on  only  a  few  vendors  —  usually 
no  more  than  two  or  three  —  to  ensure 
that  their  systems  work  together.  But 
even  then,  maintaining  application  in¬ 
terfaces  is  a  burden  on  IT  staffers. 

“Early  on,  we  standardized  our  ap¬ 
plications  as  part  of  the  selection 
process  to  make  sure  they  integrate 
with  each  other,  and  they’re  all  vendor- 
supported.  But  we  still  have  dedicated 
IT  people  for  managing  the  traditional 
interfaces,”  says  Nancy  Barrett,  direc¬ 
tor  of  information  systems  integration 
and  development  for  the  Lifespan 
health  system  in  Providence,  R.I. 

Hospital  IT  departments  that  are 


billion 

transactions  per  day  for  the  world's 
busiest  public  agency. 

At  peak  workloads,  that's  51,448  transactions  per  second  executed 
without  a  glitch  when  CA  software  automates  systems  and  processes. 
If  your  enterprise  needs  to  manage  critical  business  transactions  across 
platforms,  around  the  world,  with  this  kind  of  speed  and  reliability,  call 
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S1TY  Med¬ 
ical  Center’s  SOA-based  patient-tracking 
system  had  its  origins  in  frustration.  Many 
hospital  software  and  patient-monitoring 
equipment  products  that  the  center  was 
using  were  Unable  to  connect  to  patient 
databases.. 

.  This  connectivity  is  necessary  for  pa¬ 
tient  tracking  and  for  adding  new  data  to 
the  overall  electronic  medical  record, 
which  draws  from  a  variety  of  databases, 
says  Furrukh  Khan,  director  of  the  Collabo¬ 
rative  for  Applied  Software  Technology  at 
the  medical  center. 

“The  software  supplied  by  vendors  ei¬ 
ther  doesn't  extract  data  from  existing 
databases,  or  it’s  bound  together  with  pro¬ 
prietary  interfaces,”  says  Khan.  Before 
Web  services,  “you  had  to  either  write  the 
back-end  part  of  this  type  of  application 
yourself,  or  write  it  specifically  to  one  type 
of  software.  Now  the  monitoring  software 
sends  requests  to  the  SOA  in  XML,  and 


we’ve  built  in  a  system  that  includes  the 
rules  of  the  hospital.” 

With  Web  services,  Khan  says,  an  orga¬ 
nization  is  no  longer  forced  to  settle  for 
simple  asynchronous  point-to-point  inter¬ 
faces  between  applications  using  HL7,  the 
industry-standard  protocol  for  hospital 
data  transactions. 

After  merging  two  of  its  member  hospi¬ 
tals,  CareGroup  Healthcare  System  found 
that  it  might  have  patient  records  for,  say, 
a  Joe  Smith  on  more  than  one  hospital 
campus.  The  patient  medical  record  sys¬ 
tems  had  to  be  linked  in  order  to  avoid  er¬ 
rors  in  patient  demographic  data. 

Using  Microsoft's  .Net  Framework,  IT 
staffers  developed  the  Record  Locator 
Service,  which  automatically  locates  the 
data.  The  Web  service  enables  the  user  to 
provide  name,  gender  and  date  of  birth  to 
a  “community  utility"  Web  service  that  re¬ 
turns  a  list  of  all  care  sites  that  a  patient 
has  visited. 


“We  created  a  Web  service  that  figures 
out  where  all  the  patient  records  live  and, 
in  turn,  who  the  patients  are,  assuming 
you’ve  wrapped  all  the  legacy  systems  in 
Web  services.  It  basically  says  'Go  fetch’ 
across  the  entire  institution,”  says  John 
Halamka,  CIO  at  CareGroup.  “The  beauty 
is  creating  an  abstraction  layer  to  divorce 
you  from  the  complexity  of  the  underlying 
application.  You  don't  even  have  to  know 
what  the  application  is.” 

Halamka’s  IT  staff  has  also  developed 
Web  services  that  use  SOAP  for  a  number 
of  HL7  systems,  including  those  that  pro¬ 
vide  medication  lists  and  problem  lists,  as 
well  as  “wrappers”  for  older  laboratory,  ra¬ 
diology  and  other  departmental  systems. 

“These  services  are  all  objects  that  let 
me  not  only  link  data  from  different  sys¬ 
tems,”  says  Halamka,  “but  also  do  audits 
and  security  without  having  to  build  one- 
off  solutions  for  each  vendor’s  system.” 

-JohnS.  Webster 


HERE’S  HOW  RLS  WORKS: 

1.  After  a  patient  visit,  health  care 
provider  publishes  index  of  records 


location  to  RLS  registry 


2.  Patient  sees  another  health  care 
provider,  which  queries  RLS  for  the  loca 
tion  of  other  records  for  the  patient. 

3.  RLS  provides  index  to  record  location. 


4.  With  the  index,  second  provider 
requests  record  from  original  provider 

5.  Original  provider  sends  records. 


Request 

record 

locations 


for  patient 


smHH 


ictions. 


Request 
patient  medical 
records 


Publish  index  to 
location  of  patient 
medical  records 


Provide 

patient  medical 
records 


beginning  to  deploy  Web  services  in  an 
SOA  have  found  that  the  technology 
not  only  eases  integration  between  dis¬ 
parate  systems  but  can  also  help  them 
customize  applications  to  the  specific 
needs  of  their  users. 

“The  whole  one-size-fits-all  vendor 
model  is  flawed,”  says  Paul  Chang,  di¬ 
rector  of  radiology  at  the  University  of 
Pittsburgh  Medical  Center.  “The  user 
should  be  able  to  create  the  view  they 
need  of  the  application  they’re  using.  A 
true  Web  services  and  SOA  model  is  so 
promising  because  I  can  provide  opti¬ 
mized  tools  to  our  users  without  re¬ 
inventing  the  wheel.  Software  should 
bend  to  the  will  of  the  user,  not  the 
other  way  around.” 

Whether  an  organization  uses  Micro¬ 
soft’s  .Net  or  Java  systems  from  IBM, 
BF.A  Systems  Inc.,  Oracle  Corp.  and 


others  —  or  both  —  chances  are  that  it 
has  programmers  with  the  skills  need¬ 
ed  to  develop  Web  services,  says  Chang. 
Established  Web  services  standards 
such  as  Simple  Object  Access  Protocol 
(SOAP)  and  Web  Services  Description 
Language  (WSDL),  along  with  more 
recent  standards  that  govern  security 
and  reliability,  give  IT  managers  enor¬ 
mous  flexibility,  he  says. 

“Our  IT  lab  is  split  down  the  middle 
between  programmers  who  use  .Net 
and  those  who  use  Java. ...  I  can  be 
completely  agnostic.  The  Web  service 
can  be  half  Java  and  half  .Net.  Even  Mi¬ 
crosoft  and  IBM  will  tell  you  it  all 
works  together,”  Chang  says. 

New  Web  services  standards  make 
hospital  implementations  of  SOAs  pos¬ 
sible,  says  Ohio  State’s  Khan.  “Until  re¬ 
cently,  there  were  no  standards  for  se¬ 


curity,  reliable  messaging  or  transac¬ 
tions.  SOAP  and  WSDL  were  just  the 
starting  point.  You  could  discover  and 
talk  to  each  other’s  applications,  but 
you  had  to  do  things  like  security  your¬ 
self,  which  makes  that  part  of  the  ser¬ 
vice  proprietary,”  he  says. 

Shift  in  Thinking 

It’s  precisely  the  diversity  of  IT  infra¬ 
structure  that  makes  a  hospital  an  ideal 
setting  for  SOAs.  Not  only  is  the  envi¬ 
ronment  strewn  with  proprietary  and 
legacy  systems,  but  the  hospital  work¬ 
flow  also  requires  a  nimble  software  ar¬ 
chitecture  to  keep  data  moving  smooth¬ 
ly  around  the  enterprise,  says  Chang. 

“Traditional  software  capabilities 
aren’t  enough,  and  traditional  vendors 
can’t  keep  up  because  workflow  always 
changes  in  the  hospital,”  he  says. 


“Imaging  modalities  alone  can  change 
every  day.” 

Although  the  actual  code  work  to  de¬ 
velop  Web  services  isn’t  difficult, 
switching  to  an  SOA  makes  business 
process  analysis  crucial,  Thomson  at 
the  UNC  Health  Care  System  says. 

“Web  services  get  rid  of  a  lot  of  the 
complicated  work.  The  XML  piece  it¬ 
self  was  one  of  the  simplest  parts  for 
us  to  develop.  It  was  much  more  diffi¬ 
cult  to  work  out  the  business  side,”  he 
says.  “It’s  very  important  to  know  the 
structure  of  the  XML  document.  You 
have  to  ask  the  right  questions  to  de¬ 
cide  things  like  what  the  data  structure 
is,  or  the  format  of  exchange  for  a 
medication  list.” 

In  small  institutions,  where  both 
funding  and  staffing  resources  are  in 
short  supply,  the  mapping  of  business 
processes  is  important,  adds  Gartner’s 
Runyon.  “Understanding  the  business 
requirements  is  what’s  difficult.  Anyone 
can  write  a  Web  service.  But  you  have 
to  also  ask  things  like,  ‘Is  it  properly  ab¬ 
stracted?’  Moving  forward,  hospitals 
will  think  about  integration  beforehand. 
Now,  the  [electronic  medical  record]  is 
going  to  require  well-thought-out  busi¬ 
ness  issues,  both  semantically  and  syn¬ 
tactically.  It’s  a  whole  other  architectur¬ 
al  dilemma,”  he  says. 

And  Web  services  will  become  an 
integral  part  of  the  IT  planning  process 
because  the  work  of  developing  cus¬ 
tom  interfaces  for  every  vendor  will  be 
eliminated,  say  hospital  IT  managers. 

“Much  of  whether  or  not  to  imple¬ 
ment  Web  services  boils  down  to  strat¬ 
egy.  What  organizations  with  SOAs  are 
doing  is  putting  together  the  muscle 
that  will  broker  data  from  several  dis¬ 
parate  systems  with  or  without  the 
HL7  limitations,”  says  Scott  Ogawa, 
chief  technology  officer  at  Children’s 
Hospital  Boston. 

The  hospital  plans  to  use  Web  ser¬ 
vices  to  exchange  data  with  its  exter¬ 
nal  partners  in  Massachusetts  SHARE 
(Simplifying  Healthcare  Among  Re¬ 
gional  Entities),  a  regional  collabora¬ 
tive  initiative  for  data  exchange  operat¬ 
ed  by  the  Massachusetts  Elealth  Data 
Consortium.  But  Ogawa  also  sees  the 
potential  for  the  technology  inside  the 
organization. 

“On  the  clinical  side  of  things,  we’re 
looking  for  ways  to  not  have  to  tie  sys¬ 
tems  together  using  custom  interfaces, 
but  rather  integrating  them  with  Web 
services  such  that  we  don’t  have  to 
build  broker  solutions.”  ©  55506 


Webster  is  a  freelance  writer  in 
Providence,  R.I.  He  can  be  reached 
at  john.s.webster@verizon.net. 
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Summer  Reading 
ForTechnophiles 


LET'S  FACE  IT:  An 
evocative  whiff 
of  cocoa  butter 
can  get  to  even 
the  most  serious  technol¬ 
ogy  workers  among  us, 
inspiring  them  to  ease 
up  just  a  bit.  Perhaps  only 
a  few  will  hunker  down 
on  a  beach  towel  with 
Harry  Potter  and  the  Half- 
Blood  Prince,  but  most 
will  be  ready  for  a  break 
from  service  manuals  and 
all  those  5-pound  tomes 
on  Linux  clustering  or  Windows 
forensics. 

The  following  titles  should  have  ap¬ 
peal  for  the  techno-sawy  but  are  in¬ 
tended  to  provide  something  more 
entertaining  or  speculative  than  the 
customary  deep  dive  into  a  sea  of  bits 
and  bytes.  Two  of  the  books  were  pub¬ 
lished  recently,  but,  as  with  any  sum¬ 
mer  reading  list,  an  old  favorite  is  here 
as  well,  ready  to  be  revisited  or  discov¬ 
ered  for  the  first  time. 


■  High-Tech  Crimes 
Revealed:  Cyberwar  Stories 
From  the  Digital  Front,  by 

Steven  Branigan  (Addi- 
son-Wesley,  412  pages, 
$29.99).  Branigan  has 
pulled  off  a  very  difficult 
balancing  act.  His  be¬ 
hind-the-scenes  descrip¬ 
tions  of  investigations 
into  cybercrimes  have 
enough  dark  detail  to 
keep  any  reader  _ 
turning  the  pages, 
engrossed  in  how 
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the  cases  were  cracked  and  the 
perps  brought  to  justice.  But 
High-Tech  Crimes  Revealed  is 
also  intended  to  be  instructive, 
and  through  a  variety  of  devices 

—  clear  explanations  of  criminal 
methods,  intriguing  statistics, 
charts,  diagrams  and  tips  boxes 

—  it  succeeds.  Most  readers  will 
be  entertained  and  gain  a  clearer 
understanding  of  cybercrime  and 
the  urgent  need  to  stop  it. 


■  It’s  Alive:  The  Coming  Con¬ 
vergence  of  Information,  Biol¬ 
ogy  and  Business,  by  Christo¬ 
pher  Myer  and  Stan  Davis 

(Crown  Business,  288  pages, 

$27.50).  Initially  published 
in  2003,  this  certainly  wasn’t 
the  first  book  to  apply  con¬ 
cepts  from  biology  and  oth¬ 
er  natural  sciences  to  IT 
and  business,  but  it  remains 
one  of  the  most  readable 
and  provocative.  It’s  Alive  is 
a  10-year  look  into  the  future 
toward  what  the  authors  call  the 
“molecular  economy.”  The  book  pur¬ 
ports  to  be  a  management  guide  for  the 
business  environment  created  by  that 
new  economy,  an  environment  Myer 
and  Davis  have  dubbed  the  “adaptive 
enterprise.”  But  its 
most  interesting 
passages  deal  with 
the  science  from 
which  it  builds  its 
metaphors. 

Two  years  into 
the  decade  the  au¬ 
thors  were  specu¬ 
lating  about,  some 
of  their  observa¬ 
tions  seem  a  bit 
p overheated, and 
the  book  covers  so 
much  ground  so 
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quickly  that  it  can  trig¬ 
ger  giddiness  instead 
of  thoughtfulness. 

But  there’s  certainly 
enough  substance  here 
to  lure  the  reader  to 
check  in  again  in  2013 
to  see  how  clear  Myer 
and  Davis’  vision 
turned  out  to  be. 


f  ■  The  Silicon  Eye,  by 

i  George  Gilder  (Atlas 
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Books,  318  pages,  $27.50). 
Gilder’s  silicon  sagas  add 
more  than  a  little  extra  drama  to  tales 
of  technologists  at  work,  and  his  sweep¬ 
ing  statements  about  technology  and 
society  are  sometimes  hard  to  swallow, 
but  he  knows  how  to  spin  a  yarn. 

The  Silicon  Eye  tells  the  story  of 
Foveon  Inc.,  a  start-up  that  uses  re¬ 
search  that  blends  IT,  optics  and 
neurobiology  in  an  effort  to  build  a 
new  kind  of  digital  camera.  Among  the 
cast  of  real-life  characters  are  Michelle 
Mohowald,  the  young  scientist  upon 
whose  ideas  the  company  rests,  and 
Carver  Mead,  the  legendary  Caltech 
electronics  guru.  Their  battle  to  make 
a  dent  in  the  market  dominated  by 
Japanese  corporate  giants  is  engross¬ 
ing  and  instructive.  Find  a  shady  spot 
and  enjoy  yourself.  ©  55637 

—  Tommy  Peterson 


billion 

in  loans  for  a  leading  provider. 

In  a  highly  regulated  industry,  eight  million  borrowers  count 
on  fast,  reliable  service  when  CA  software  automates  systems 
and  processes. To  manage  your  customer  relationships  with 
the  same  degree  of  confidence,  call  a  CA  representative  at 

1-888-423-1000  or  visit  ca.com/didyouknow 
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FOR  DELL'S  END-TO-END 


NOW  IS  THE  TIME  TO 

get  a  complete  portfolio  of  innovative 
technology  and  expertise  to  address  your 
growing  storage  demands.  Dell  brings  it 
all  together:  from  SAN  to  NAS  to  Tape 
Backup  systems,  to  the  services  it 
takes  to  expertly  plan,  implement  and 
manage  your  total  information  needs.  Get 
consolidation,  business  continuity  and 
compliance  every  step  of  the  way  and 

GET  MORE  OUT  OF  NOW. 


STORAGE 
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Dell  cannot  be  responsible  for  errors  in  typography  or  photography.  Dell  and  the  Dell  logo  are 
trademarks  of  Dell  Inc.  ©  2005  Dell  Inc.  All  rights  reserved.  Reproduction  or  translation  of  any  part 
of  the  work  beyond  that  permitted  by  U.S.  copyright  laws  without  the  written  permission  of  Dell  Inc. 
is  unlawful  and  strictly  forbidden. 


Click  www.dell.com/storage35 
Call  (toll  free)  1.866.218.7708 
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Learn  How  to  Achieve 
Storage  Networking  Success 


Featured  Speakers  Include: 

JOSEPH  AMADO 

Vice  President,  Information  Services 
Philip  Morris,  USA 


YURI  AGUIAR 

Senior  Partner,  Chief  Technology  Officer 
Ogilvy  &  Mather  Worldwide 

KEN  BLACK 

Global  Storage  Achitect 
Yahool 


CTl  KARLTON  D.  JOHNSON 

VSf  Lieutenant  Colonel,  U.S.  Air  Force 
US  Army  War  College,  Class  AY06 


JOSEPH  M.  TUCCI 

President  &  CEO 
EMC  Corporation 


The  Leading  Conference  for: 

•  IT  Management 

•  Storage  Architects 

•  IT  Infrastructure  Professionals 

•  Business  Continuity  Planning  Experts 

•  Data  Management  Specialists 

•  Network  Professionals 

To  register  or  for  more  information, 
visit  www.snwusa.com/cw 


Attendees  at  Storage  Networking  World  Fall  2005  will  see  solutions  from  companies  including:  asof7/i8/05 
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October  24-27,  2005  •  JW  Marriott  Grande  Lakes  Resort  •  Orlando,  Florida 


"...  SNW,  more  than  other 
conferences,  brings  together 
all  the  right  vendors  and  all 
the  right  users ...” 


Andre  Mendes 
Chief  Technology 
Integration  Officer,  Public 
Broadcasting  Service 


"...  the  premier  event  in  the 
storage  industry ..." 


Frank  Enfanto 
Vice  President, 

Operations  Delivery  & 
Information  Security, 

Blue  Cross  Blue  Shield  of 
Massachusetts 
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Learn  How  to  Achieve 
Storage  Networking  Success 

•  Get  a  Contemporary  Overview  of  Today’s  Storage  Networking  Issues  and 
Opportunities 

•  See  How  to  Implement  and  Deploy  the  Latest  in  Storage  Networking 
Technologies 

•  Hear  the  Latest  in  Enterprise  Security 

•  Learn  from  Best  Practices  and  Case  Studies 

Why  You  Should  Attend 

Are  you  responsible  for  managing  your  company’s  data  center  assets?  Want  to 
exchange  innovative  ideas  and  strategies  with  other  executives  who  share  the  same 
objectives?  Then  attend  Storage  Networking  World,  where  you’ll  network  with  and 
learn  from  renowned  experts  and  the  nation’s  top  user  executives. 

What  You’ll  Learn 

In  this  executive-forum  setting,  you’ll  hear  directly  from  executives  and  managers  in 
user  companies.  They'll  address  a  wide  variety  of  today’s  burning  issues  like: 

•  CTO  Insights 

•  Enterprise  Business  Applications 
and  Databases 

•  Critical  and  Emerging  Technology 
Topics 

•  High  Bandwidth  Storage 
Applications 

•  Small  Medium  Business 
Considerations 


•  Selecting  and  Deploying  Storage 
Networks 

•  Data  Center  and  Infrastructure 
Considerations 

•  Storage  Security 

•  Managing  Storage  Networking 
Solutions 

•  Managing  Deployments  of  Existing 
and  Emerging  Technologies 

•  Deploying  Storage  to  Meet  Industry 


HSee  SNW’s  Interoperability  &  Solutions  Demo 

No  other  storage  event  gives  you: 

•  40-plus  SNIA  member  companies  collaborating  on 
integrated  solutions 

•the  opportunity  to  meet  leading  experts  and  engineers 


=  IDC  Storage  Analyst  Briefing 

In  this  fast-paced  session,  I  DC’s  top  storage  analysts  will 
examine  companies'  growing  interest  in  deploying  tiered 
storage  solutions  and  assess  its  impact  on  storage  compo¬ 
nents,  systems,  networks,  management  and  services. 


For  more  information  and  to  register,  visit  www.snwusa.com/cw  or  call  1-800-883-9090 


For  more  information  and  to  register,  visit  www.snwusa.com/cw  or  call  1-800-883-9090 


Conference  At-a-Glance  (subject  to  change) 

For  details,  updates,  and  to  register  visit  www.snwusa.com/cw 


MONDAY,  OCTOBER  24 


Registration  Open  8:00am  -  8:30pm 


9:30am  -  1 1 :30am 
1 1 :30am  -  1 :00pm 
1 2:00pm  -  5:00pm 
1 :00pm  -  5:00pm 
1 :00pm  -  5:25pm 
4:40pm  -  6:30pm 
5:00pm  -  7:00pm 

7:00pm  -  9:00pm 


Primer  and  Tutorial  Tracks 
Luncheon 

Pre-Conference  Golf  Outing 
I  DC  Analyst  Briefing 
SNIA  Technical  Tutorials 
End  User  Town  Hall  Meeting 

Speed  Dating  with  I  DC: 

A  Channel  Partner  Networking  Event  at  SNW 
Welcome  Reception 


TUESDAY,  OCTOBER  25 


Registration  Open  7:00am  -  8:00pm 


7:00am  -  8:00am 
8:00am  -  1 2:30pm 
1 2:45pm  -  2:00pm 
2:1 0pm  -  5:40pm 

5:40pm  -  8:40pm 


Breakfast 

General  Conference  Sessions 
Luncheon 

Concurrent  Sessions  (IT  End-User  Case  Studies,  SNIA  Technical 
Tutorials,  Deployable  Solutions  Tracks) 

Expo  with  Dinner  and  Interoperability  &  Solutions  Demo 


WEDNESDAY,  OCTOBER  26 _ Registration  Open  7:00am  -  7:30pm 


7:1 5am  -  8:1 5am 
8:30am  -  1 2:1 5pm 
1 2:1 5pm  -  2:00pm 
1 2:1 5pm  -  7:1 5pm 
2:1 0pm  -  5:40pm 

4:00pm  -  7:00pm 
7:00pm  -  9:30pm 


Breakfast 

General  Conference  Sessions 
Expo  with  Luncheon 
Interoperability  &  Solutions  Demo 

Concurrent  Sessions  (IT  End-User  Case  Studies,  SNIA  Technical 
Tutorials,  Deployable  Solutions  Tracks) 

Expo  Open 

Gala  Evening  with  Dinner  and  Entertainment 


"...  the  greatest  thing  about 
being  at  SNW  is  the  ability 
to  network  with  peers  ...” 

Sasan  Hamidi 

CSO, 

Interval  International 


”...  SNW  is  so  concentrated 
that  it  gives  you  a  good  view 
of  the  overall  industry  ...” 


Jeff  Pelot 

CTO,  Denver  Health  and 
Medical  Center 


"*^2  SNIA 

Attend  SNIA-Certified 
Training  Programs  at  SNW 

Visit  www.snwusa.com  for  more 
information. 


THURSDAY,  OCTOBER  27 _ Registration  Open  7:30am  -  10:30am 


7:30am  -  8:30am 
8:30am  -  1 2:00pm 

12:00pm 


Breakfast 

Concurrent  Sessions  (IT  End-User  Case  Studies,  SNIA  Technical 
Tutorials,  Deployable  Solutions  Tracks) 

Conference  Concludes 


JW  Marriott 
Grande  Lakes  Resort 

Orlando,  Florida 


The  Ritz-Carlton 
Golf  Club 

Orlando,  Florida 


Pre-Conference  Golf  Outing 

Complimentary  for  Registered  IT  End-Users 

The  Pre-Conference  Golf  Outing  at  The  Ritz-Carlton  Golf  Club  located 
adjacent  to  the  JW  Marriott  Grande  Lakes  Resort,  is  complimentary 
($125  value)  for  registered  IT  End-Users  (other  participants,  including 
sponsors  and  vendors,  may  play  on  an  “as  available”  basis  and  are 
responsible  for  all  applicable  golf  outing  expenses). 

For  details  contact  Chris  Johnson  at  1-508-820-8652 


Hotel  Reservations  and  Travel  Services 

Global  Odysseys  is  the  official  travel  company 
for  Storage  Networking  World.  They  are  your 
one-stop  shop  for  exclusive  discounted  rates  on 
hotel  accommodations. 

To  reserve  your  accommodations,  visit:  www.etcentral.com 
You  can  also  call  our  conference  housing  line  at:  1-888-254-1597 


Global  OdyBHeyn 


October  24-27,  2005  •  JW  Marriott  Grande  Lakes  Resort  •  Orlando,  Florida 
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October  24-27,  2005 
JW  Marriott 
Grande  Lakes  Resort 
Orlando,  Florida 


Application  for  Conference  Registration 

Fax  this  completed  application  to  1-508-820-8254  or  apply  online  at:  www.snwusa.com/cw 


Your  business  card  is 
REQUIRED 

to  process  your  application 

Please  affix  your  business  card  to  this  space  prior  to 
submitting  your  application.  Applications  submitted 
without  business  cards  will  not  be  processed. 

Questions?  Call  1-800-883-9090 


If  not  indicated  on  your  business  card, 
please  provide  the  following  required 
information: 


Corporate  Email  Address 


Corporate  Website 

Registration  questions? 

Call  1-800-883-9090  or  email 
snwreg@computerworld.com 

Need  accommodations? 

Reserve  them  at:  www.etcentral.com 

Or  call  1-888-254-1597 
or  email:  eventhousing@globalodysseys.com 


Please  check  ONE  of  the  following: 

Earlybird  Registration  (through  September  12, 2005) 

Fuli/Onsite  Registration  (after  September  12,  2005) 

1  i  1  am  an  IT  End-User* 

(Complete  Attendee  Profile  below) 

□  $1,290  General  Conference  Package 

(includes  General  Conference,  plus  Technical  and  Business  Tracks, 

SNIA-produced  Tutorials,  SNIA-Certification  “Test-Ready"  Courses) 

O  $1,690  General  Conference  Package 

(includes  General  Conference,  plus  Technical  and  Business  Tracks, 

SNIA-produced  Tutorials,  SNIA-Certification  “Test-Ready"  Courses) 

*  IT  End-Users  are  defined  as  those  who  are  attending  Storage  Networking  World  with  an  intent  (and  an  IT  spending  budget)  to  potentially  buy/lease  hardware/software/services,  etc  from  our  conference  sponsors  and  are  not  themselves  an  IT  vendor.  As  such, 
account  representatives,  business  development  personnel,  analysts,  consultants  and  anyone  else  attending  who  does  not  have  IT  purchasing  influence  within  their  organization  are  excluded  from  the  “IT  End-User"  designation.  Interpretation  and  enforcement  of 
this  policy  are  at  the  sole  discretion  of  Computerworld. 


Attendee  Profile:  This  section  MUST  be  completed  by  IT  End-Users  and  Channel  Partners/Integrators/Consultants  only  (optional  for  all  other  registrations)  in  order  to  process  your  application. 


Your  Business/Industry 

□  Aerospace 

□  Manufacturing  &  Process  Industries  (non-computer  related) 

□  Finance/Banking/Accounting 

□  Insurance/Real  Estate/Legal  Sevices 

□  Government:  Federal  (including  Military) 

□  Government:  State  or  Local 

□  Health/Medical/Dental  Services 

□  Retailer/Wholesaler/Distributor  (non-computer  related) 

□  Transportation/ Utilities 

□  Communication  Carriers 

(ISP,  Telecom,  Data  Comm,  TV/Cable) 

□  Construction/Architecture/Engineering 

□  Data  Processing  Services 

□  Education 

□  Agriculture/Forestry/Fisheries 

□  Mining/Oil/Gas 

□  Travel/Hospitality/Recreation/Entertainment 

□  Publishing/Broadcast/ Advertising/ 

Public  Relations/Marketing 

□  Research/Development  Lab 

□  Business  Services/Consultant  (non-computer  related) 

□  Manufacturing  of  Computers,  Communications, 

Peripheral  Equipment  or  Software 


Your  Job  Title/Function: 

IT  MANAGEMENT 

□  CIO,  CTO,  CSO 

□  Executive  VP,  Senior  VP 

□  Vice  President 

□  Director 

□  Manager/Other  IT  Manager 

□  Supervisor 

BUSINESS  MANAGEMENT 

□  CEO,  COO,  Chairman,  President 

□  CFO,  Controller,  Treasurer 

□  Executive  VP,  Senior  VP,  VP,  General  Manager 

□  Director,  Manager 

□  Other  Corporate/Business  Manager 

Number  of  employees  in  your  entire  organization 
(ALL  locations) 

□  20,000  or  more 

□  10,000-  19,999 

□  5,000  -  9,999 

□  1,000-4,999 

□  500  -  999 

□  100-499 

□  50-99 

□  Less  than  50 


What  is  your  organization’s  annual  IT/IS  budget 
for  all  IT/IS  products? 

□  $1  Billion  or  more 

□  $500  Million  -  $999.9  Million 

□  $100  Million -$499.9  Million 

□  $50  Million  -  $99.9  Million 

□  $10  Million -$49.9  Million 

□  $1  Million  -  $9.9  Million 

□  $500,000  -  $999,999 

□  $250,000  -  $499,999 

□  $100,000 -$249,999 

□  Less  than  $100,000 

What  is  the  estimated  annual  revenue  of 
your  entire  organization? 

□  Over  $10  Billion 

□  $1  Billion  -  $9.9  Billion 

□  $500  Million  -  $999  Million 

□  $100  Million -$499  Million 

□  Less  than  $100  Million 


The  one  item  that  best  describes  your  involvement  in 
the  IT  purchase  process 

□  Authorize/approve  purchase 

□  Evaluate/recommend  products,  brands,  vendors 

□  Specify  features/technical  requirements 

□  Set  budget  for  expenditures 

□  Determine  need  to  purchase 

□  Create  IT  strategy 

□  All  of  the  above 

Would  you  like  to  receive  information  about  playing  in 
the  golf  outing  on  Monday,  October  24th? 

□  Yes 

□  No 

Do  you  need  hotel  accomodations? 

□  Yes  (please  visit  www.etcentrai.com  to  reserve) 

□  No 

Would  you  like  to  receive  a  complimentary 
subscription  to  Computerworld? 

□  Yes 

□  No 


□  I  am  a  Channel  Partner/ 
I  nteg  rator/Consulta  nt 

(Complete  Attendee  Profile  above) 


□  $3,000  General  Conference  Package 
(includes  General  Conference;  Technical  and  Business  Tracks, 
SNIA-produced  Tutorials,  SNIA  Certification  “Test-Ready"  Courses) 


□  $3,500  General  Conference  Package 
(includes  General  Conference;  Technical  and  Business  Tracks, 
SNIA-produced  Tutorials,  SNiA  Certification  "Test-Ready"  Courses) 


By  participating  in  SNWs  Channel  Partner/Integrator  registration  package,  registrants  may  enjoy  the  following  benefits:  One  company  representative  may  receive  a  full  conference  pass  to  SNW  Fall  2005;  additional  company 
representatives  pay  the  prevailing  rate  for  full  conference  passes;  company  may  invite  up  to  five  IT  User  customers  to  attend  SNW  Fall  (IT  Users  must  be  strictly  compliant  with  IT  User  definition  on  the  supplied  registration  form); 
companies  registering  for  this  package  interested  in  joining  the  SNIA  are  eligible  to  receive  a  $2,000  discount  provided  that  membership  is  applied  for  prior  to  October  1 , 2005. 


P|  My  company  is  Sponsoring/ 
Exhibiting  at  SNW 


□  $1,230  General  Conference  Package 

(includes  General  Conference,  plus  Technical  and  Business  Tracks, 

SNIA-produced  Tutorials,  SNIA-Certification  “Test-Ready"  Courses) 


□  $1,690  General  Conference  Package 

(includes  General  Conference,  plus  Technical  and  Business  Tracks, 

SNIA-produced  Tutorials,  SNIA-Certification  “Test-Ready"  Courses) 


As  a  sponsor,  you  may  be  eligible  to  attend  using  a  registration  provided  with  your  sponsorship.  (If  those  registrations  have  already  been  assigned/used,  then  you  may  register  at  the  prevailing  rates  above.)  See 
the  current  list  of  sponsors  at  www.snwusa.com.  Questions?  Call  1  -800-883-9090  or  email  snwreg@computerworld.com. 


[]  lama  representative  of  a  Non-Sponsoring  IT  Vendor  Company 

□  $5,000  Business  Development  Professional  Package  for  Sales,  Marketing  and  Business  Development  Professionals  (includes  General  Conference  Sessions,  Expo,  Meals  &  Receptions) 


Vendors  are  encouraged  to  participate  in  Storage  Networking  World  through  sponsorship.  (Details  are  available  by 
calling  Ann  Harris  at  508-8208667.)  Alternatively,  vendors  (as  well  as  other  “non-IT  end-user"  professionals  as 
defined  by  Computerworld),  may  apply  for  registration  at  the  "non-sponsoring  vendor"  rate  of  $5,000.  Determination 
of  what  constitutes  a  “non-sponsoring  vendor"  registration  is  made  exclusively  by  Computerworld. 

Please  call  888-239-4505  with  questions. 


Q  I  am  a  Financial/Equity  Analyst  and/or  Venture  Capital  Professional 

□  $1,290  (through  September  1 2,  2005)  □  $1,690  (after  September  12,  2005) 

General  Conference  Package  General  Conference  Package 

(includes  General  Conference  Sessions,  Expo,  (includes  General  Conference  Sessions, 
Meals  &  Receptions)  Expo,  Meals  &  Receptions) 


Q  I  am  a  qualified  member  of  the  press.  I  can  verify  my  press  credentials. 
Press  should  call  Customer  Service  at  (800)  883-9090  to  register. 

Please  fax  this  completed  application  to  1-508-820-8254 


Payment  Method 

□  Check 

(checks  must  be  received  by  September  27,  2005  payable  to:  Computerworld) 

Mail  to:  Computerworld,  Attn:  Mike  Barbato,  One  Speen  Street  Framingham,  MA  01701 

□  American  Express  □  VISA  □  MasterCard 

Account  Number: _ 

Expiration  Date: _ 

Card  Holder  Name: _ 

Signature  of  Card  Holder: _ 

Cancellation  Policy  (All  of  the  following  require  written  notification  by  September  27,  2005.) 
In  the  event  of  cancellation,  the  registrant  has  three  options: 

1 )  He  or  she  may  substitute  another  attendee  for  this  conference. 

2)  He  or  she  may  transfer  this  registration  to  the  Storage  Networking  World  Spring  2006  conference. 

3)  The  registration  fee  will  be  refunded,  less  a  $250  sen/ice  charge  (if  written  notice  is  received  by  September  27,  2005). 
Please  send  cancellation  requests  via  email  to:  snwreg@computerworld.com 


Got  Questions  About 
Enterprise  Analytics? 

Computerworld’s  IT  Management  Summit  Has  the  Answers 


Exclusively  sponsored  by 


Ssas.  inU 

The  Power  to  Know* 

SAS  and  all  other  SAS  Institute  Inc.  product  or  service  names  are  registered  trademarks 
or  trademarks  of  SAS  Institute  Inc.  in  the  USA  and  other  countries.  ®  indicates  USA 
registration.  Other  brand  and  product  names  are  trademarks  of  their  respective  compa¬ 
nies.  Intel  and  the  Intel  logo  are  trademarks  or  registered  trademarks  of  Intel 
Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries. 


Looking  to  better  understand  enterprise 
analytics?  Apply  to  attend  Computerworld’s 
complimentary*  half-day  IT  Management 
Summit:  Beyond  Business  Intelligence. 

Enterprise  analytics  enable  companies  to 
make  timely  fact-based  decisions  using 
critical  information  from  across  the  entire 
organization.  By  fully  leveraging  data, 
technology,  skills  and  processes,  successful 
users  of  enterprise  analytics  go  beyond 
simply  understanding  the  past,  to  predicting 
outcomes  that  improve  overall  corporate 
performance. 

This  summit  will  feature  the  latest  insights 
of  business  intelligence  industry  experts  and 
will  give  you  first-hand  information  on  the 
innovations  and  experiences  of  companies 
successfully  deploying  enterprise  analytics. 

*  Complimentary  registration  is  restricted  to 
qualified  IT  managers  only. 

Apply  for  registration  today 

Contact  Chris  Leger  at  888-299-0155 
or  visit:  www.itmanagementsummit.com 

This  program  will  also  take  place  in: 

San  Francisco,  California  •  September  20,  2005 


Beyond  Business  Intelligence: 

Using  Enterprise  Analytics  to  Drive 
Fact-Based  Decisions 

New  York,  New  York  •  August  9,  2005 

New  York  Marriott  Financial  Center  •  85  West  Street  •  New  York  City 


8:00am  to  8:30am 
8:30am  to  8:40am 

8:40am  to  9:10am 

9:10am  to  9:40am 

9:40am  to  10:30am 

10:30am  to  10:45am 
10:45am  to  1 1 :15am 

1 1 :15am  to  Noon 


Noon 


Registration  and  Networking  Breakfast 

Introduction  and  Overview 

Julia  King,  Executive  Editor,  Events,  and  National  Correspondent, 
Computerworld 

Trends  in  Enterprise  Analytics: 

An  Industry  Analyst’s  Overview 

Keith  Gile,  Principal  Analyst,  Forrester  Research 

Case  Study:  The  Nature  Conservancy 

Connor  Baker,  Director  of  Business  Information, 

The  Nature  Conservancy 

Transforming  Enterprise  Data  Into 
Actionable  Business  Intelligence 

Rob  Stephens,  Director  of  Technology  Strategy,  SAS 
Michael  Tillema,  Business  Intelligence  Strategist,  Intel 

Refreshment  and  Networking  Break 

Case  Study:  APEX  Management  Group 

Jody  Porrazzo,  Ph.D.,  Director  of  Econometric  Risk  Strategy, 
APEX  Management  Group 

Panel  Discussion  -  From  Gut  Feel  to  Fact-Based 
Decisions:  Real-Life  Business,  Political  and 
Technology  Lessons  Learned  on  the  Front  Lines  of 
Enterprise  Analytics 

Moderator:  Julia  King,  Executive  Editor,  Events,  and  National 

Correspondent,  Computerworld 

Panelists: 

•  Connor  Baker,  Director  of  Business  Information, 

The  Nature  Conservancy 

•Jody  Porrazzo,  Ph.D.,  Director  of  Econometric  Risk  Strategy, 
APEX  Management  Group 

•  Keith  Gile,  Principal  Analyst,  Forrester  Research 

•  Rob  Stephens,  Director  of  Technology  Strategy,  SAS 

•  Michael  Tillema,  Business  Intelligence  Strategist,  Intel 

Luncheon  (optional) 
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Selected 

speakers  include: 


Connor  Baker 
Director  of  Business 
Information, 

The  Nature  Conservancy 


Jody  Porrazzo,  Ph.D. 
Director  of  Econometric 
Risk  Strategy, 

APEX  Management  Group 


Keith  Gile 
Principal  Analyst, 
Forrester  Research 


Rob  Stephens 
Director  of  Technology 
Strategy,  SAS 


Michael  Tillema 

Business  Intelligence  Strategist, 

Intel 


Julia  King 

Executive  Editor,  Events,  and 
National  Correspondent 
Computerworld 
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Getting  Started  on 
Database  Security 


Our  security  manager  takes  a  look  at  the 
agency’s  info  assets  and  realizes  the  appli¬ 
cation  layer  is  the  weak  link.  By  C.  J.  Kelly 


sset-centric  se¬ 
curity”  seems  to  be 
becoming  a  famil¬ 
iar  phrase  in  the 
security  world.  However, 
identifying  assets  can  be  com¬ 
plicated.  For  many  organiza¬ 
tions,  assets  are  pieces  of  in¬ 
formation  stored  in  numerous 
places:  on  local  hard  drives,  on 
file  servers,  within  databases, 
in  various  physical  and  geo¬ 
graphical  locations, 
as  well  as  in  transit. 

The  information 
could  include  cus¬ 
tomer  or  client  data, 
protected  health  data, 
proprietary  informa¬ 
tion  or  financial  data, 
among  other  things. 

Thinking  through  the  layers 
of  security  in  our  environment, 
I  realized  that  the  weakest  link 
in  the  chain  is  at  the  applica¬ 
tion  layer,  which  is  where  I  see 
database  security  fitting  in. 
Much  attention  has  been  given 
to  auditing  firewall  rules,  turn¬ 
ing  off  unneeded  services  on 
servers  and  patching  operating 
systems,  internetwork  operat¬ 
ing  systems  and  various  appli¬ 
cations,  such  as  Internet  Ex¬ 
plorer.  But  it  seems  that  not 
much  attention  has  been  given 
to  database  security  and  audit¬ 
ing.  I  know  for  a  fact  that  no 
attention  has  been  paid  to  it 
here,  and  I  need  to  do  some¬ 
thing  about  that,  though  I  don’t 
have  much  experience  in  the 
subject. 

I’m  responsible  for  numer¬ 
ous  databases,  including  DB2, 
Access,  SQL  and  MySQL.  I’ve 
focused  on  making  sure  that 
they  reside  on  the  internal 
network  and  that  the  firewall 
rules  are  explicit  for  traffic  to 
and  from  the  Web  servers  in 
the  DMZ.  I’ve  made  sure  that 


servers  are  patched  routinely, 
and  I’ve  audited  Active  Direc¬ 
tory  users  and  account  per¬ 
missions,  but  I’ve  done  noth¬ 
ing  related  to  the  databases. 

Now  our  agency  is  develop¬ 
ing  a  major  new  application 
using  DB2,  and  I  need  to  come 
up  with  security  requirements. 
I  have  to  educate  myself  on 
this,  but  where  to  begin? 

Well,  it  so  happens  that  El¬ 
sevier  Digital  Press 
recently  sent  me  the 
book  Implementing 
Database  Security 
and  Auditing,  by 
Ron  Ben  Natan.  It 
has  examples  for 
Oracle,  SQL,  DB2 
and  Sybase.  (I  think  everyone 
agrees  that  using  Microsoft 
Access  databases  for  mission- 
critical  applications  is  a  mis¬ 
take.  Access  is  used  in  the 
agency  for  small  projects  that 
are  initiated  and  managed  by 
individuals  who  have  specific 
needs  for  manipulating  data 
downloaded  from  various 
mainframes.) 

The  first  step  in  securing 
DB2  is  to  harden  the  environ¬ 
ment.  The  book  provides  a 
to-do  list  that  includes  items 
like  these: 

■  Do  not  run  DB2  as  root 
(or  as  LocalSystem  on  Win¬ 
dows). 

■  Verify  that  all  DB2  files 
have  restrictive  permissions. 


I  have  to  educate 
myself  on  this,  but 
where  to  begin? 


■  Remove  default  accounts. 

■  Remove  sample  databases. 

■  Check  for  default  pass¬ 
words  and  check  password 
strengths. 

■  Close  unnecessary  ports 
and  services. 

■  Remove  all  permissions 
granted  to  “public.” 

■  Restrict  sysadmin  privi¬ 
leges. 

So  far,  so  good.  Some  items, 
such  as  the  first  one,  seem  ob¬ 
vious,  but  who  knows  —  may¬ 
be  the  developer/programmer 
always  runs  his  databases  as 
root.  Nothing  should  be  as¬ 
sumed.  But  I  learned  some 
new  information  that  I  would 
not  have  known  if  I  hadn’t 
been  exposed  to  it  by  this 
book.  Here  are  a  couple  of 
points  for  you  to  keep  in  mind: 

■  Never  use  client  authenti¬ 
cation.  Use  DCE_ENCRYPT, 
SERVER_ENCRYPT  or 
KRB_SERVER_ENCRYPT 

if  possible. 

■  Revoke  privileges  on  sys¬ 
tem  catalogs  like  SYSCAT.- 
COLAUTH,  SYSCAT.- 
DBAUTH,  SYSCAT.INDEX- 
AUTH  and  SYSCAT.PACK- 
AGE-AUTH. 

This  is  a  good  list  to  start 
with,  and  I  feel  like  I’ll  be  on 
solid  ground  by  following  it 
and  by  making  sure  the  data¬ 
base  is  at  the  latest  patch  level 
and  keeping  aware  of  the  secu¬ 
rity  bulletins  that  pertain  to 
the  database.  I’ve  e-mailed  the 
to-do  list  to  the  consultants 
who  are  developing  the  appli¬ 
cation  for  us  and  are  currently 
managing  the  database  envi¬ 
ronment  on  one  of  our 
servers.  No,  I’m  not  passing 
the  buck,  and  yes,  it’s  a  little 
late  in  the  game  to  be  doing 
this,  but  better  late  than  never. 

Besides  this  to-do  list,  I  got 
some  immediate  assistance 
toward  securing  the  database 
environment  in  the  first  chap¬ 
ter  of  the  book,  where  the  au¬ 
thor  states  that  defining  an 
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access  policy  is  the  “center 
of  your  database  security  and 
auditing  initiative.”  Aha!  That 
statement  pulled  me  up  to  the 
30,000-foot  level  as  I  pon¬ 
dered  why  the  author  used 
this  approach.  The  second 
chapter  is  an  overview  of  the 
usual  stuff  involved  in  an  in- 
depth  security  strategy.  At  this 
point,  I  was  hooked.  Now  that 
I  had  some  traction,  I  wouldn’t 
mind  reading  through  a  chap¬ 
ter  or  two  on  concepts. 

Chapter  3  discusses  how 
the  database  communicates  on 
the  network,  and  it  contains  a 
section  on  SMB/CIFS  (Server 
Message  Block/Common  In¬ 
ternet  File  System).  I  was  par¬ 
ticularly  interested  in  that  be¬ 
cause  of  recent  vulnerabilities 
disclosed  regarding  the  SMB 
protocol. 

So  far,  I’ve  read  the  first 
four  chapters  (Chapter  4  cov¬ 
ers  authentication  and  pass¬ 
word  security).  But  flipping 
ahead,  I  can  see  that  the  book 
goes  deeper  and  addresses 
some  application  coding  is¬ 
sues  that  could  be  of  concern, 
as  well  as  Web  services,  stored 
and  external  procedures,  row- 
level  security,  secure  replica¬ 
tion  mechanisms,  how  to  set 
up  an  event  monitor  and  trace, 
encryption,  regulations  and 
compliance,  and,  finally,  audit¬ 
ing.  One  feature  of  the  book 
that  seems  particularly  valu¬ 
able  is  that  it  outlines  the 
anatomy  of  various  types  of 
attack  and  describes  how  to 
prevent  them. 

So,  with  the  help  of  Ron  Ben 
Natan,  I’m  making  a  start  at 
securing  our  databases.  The 
approach  in  his  book  works 
for  me,  and  for  the  first  time  I 
feel  like  I  have  some  direction 
in  protecting  our  assets.  Since 
those  happen  to  include  pro¬ 
tected  electronic  health  infor¬ 
mation  that  belongs  to  the  citi¬ 
zens  of  our  state,  any  guidance 
I  receive  will  be  invaluable.  I 

WHAT  DO  YOU  THINK? 

This  week’s  journal  is  written  by  a  real 
security  manager,  “C.J.  Kelly,"  whose 
name  and  employer  have  been  disguised 
for  obvious  reasons.  Contact  her  at 
mscjkelly@yahoo.com,  or  join  the  dis¬ 
cussion  in  our  forum:  QuickLink  a1590 

To  find  a  complete  archive  of  our 
Security  Manager’s  Journals,  go  online  to 

o  computerworld.com/secjournal 
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Remote  Access 
Raw  Described 

A  flaw  in  the  software  used  to 
remotely  access  computers 
running  Microsoft  Corp.’s 
Windows  operating  system 
could  leave  users  vulnerable  to 
a  denial-of -service  attack,  the 
company  said.  The  vulnerabil¬ 
ity  doesn’t  allow  attackers  to 
gain  control  of  Windows  sys¬ 
tems,  but  they  could  use  it  to 
repeatedly  cause  affected 
computers  to  crash.  This 
would  be  done  by  creating 
specially  crafted  messages 
using  the  Remote  Desktop 
Protocol.  Microsoft  is  advising 
users  to  either  block  the  port 
that  uses  RDP  (Port  3389)  or 
to  disable  the  remote  access 


Start-up  Promises 
Low-Cost  Offerings 

Start-up  ConSentry  Networks 
is  expected  to  come  out  with 
an  appliance  this  fall  that  it 
said  will  provide  protection 
that’s  similar  to  but  less  ex¬ 
pensive  than  comprehensive 
schemes  laid  out  by  estab¬ 
lished  network  vendors.  The 
company  has  built  three  cus¬ 
tom  chips  to  give  the  device 
the  processing  power  it  needs 
to  parse  packets  to  Layer  7, 
keep  track  of  sessions  and 
enforce  access  policies.  The 
appliance,  whose  name  and 
price  ConSentry  declined  to 
reveal,  would  sit  between 
workgroup  switches  and  core 
routers,  monitoring  traffic  and 
enforcing  policies.  It  secures  a 
network  from  within,  instead 
of  taking  the  usual  approach  of 
ensuring  that  devices  access¬ 
ing  the  network  are  secure. 

Microsoft  Licenses 
Security  Toots 

Finjan  Software  Ltd.  an¬ 
nounced  a  patent  licensing 
and  equity  investment  agree¬ 
ment  with  Microsoft.  Under 
the  deal,  Microsoft  purchased 
a  nonexclusive  worldwide  li¬ 
cense  for  select  Finjan  patents 
covering  computer  security 
technologies  and  became  a 
minority  shareholder  in  Finjan. 
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BY  JAN  MATLIS 

he  world  of  malicious 
software  is  often  divid¬ 
ed  into  two  types:  viral 
and  nonviral.  Viruses 
are  little  bits  of  code  that  are 
buried  in  other  codes.  When 
the  “host”  codes  are  executed, 
the  viruses  replicate  them¬ 
selves  and  may  attempt  to  do 
something  destruc¬ 
tive.  In  this,  they  be¬ 
have  much  like  biolog¬ 
ical  viruses. 

Worms  are  a  kind 
of  computer  parasite 
considered  to  be  part 
of  the  viral  camp  because  they 
replicate  and  spread  from 
computer  to  computer. 

As  with  viruses,  a  worm’s 
malicious  act  is  often  the  very 
act  of  replication;  they  can 
overwhelm  computer  infra¬ 
structures  by  generating  mas¬ 
sive  numbers  of  e-mails  or  re¬ 
quests  for  connections  that 
servers  can’t  handle. 

Worms  differ  from  viruses, 
though,  in  that  they  aren’t  just 


bits  of  code  that  exist  in  other 
files.  They  could  be  whole 
files  —  an  entire  Excel  spread¬ 
sheet,  for  example.  They  repli¬ 
cate  without  the  need  for  an¬ 
other  program  to  be  run. 

Remote  administration 
types  are  an  example  of  anoth¬ 
er  kind  of  nonviral  malicious 
software,  the  Trojan  horse,  or 
more  simply  Trojan. 
The  purpose  of  these 
programs  isn’t  replica¬ 
tion,  but  to  penetrate 
and  control.  Named  af¬ 
ter  the  wooden  crea¬ 
ture  that  the  citizens  of 
ancient  Troy  were  tricked  into 
taking  into  their  fortified  city, 
they  are  programs  that  mas¬ 
querade  as  one  thing  when  in 
fact  they  are  something  else, 
usually  something  destructive. 

There  are  a  number  of  kinds 
of  Trojans,  including  spybots, 
which  report  on  the  Web  sites 
a  computer  user  visits,  and 
keybots  or  keyloggers,  which 
record  and  report  the  user’s 
keystrokes  in  order  to  discov¬ 


er  passwords  and  other  confi¬ 
dential  information. 

RATs  attempt  to  give  a  re¬ 
mote  intruder  administrative 
control  of  an  infected  comput¬ 
er.  They  work  as  client/server 
pairs.  The  server  resides  on 
the  infected  machine,  while 
the  client  resides  elsewhere, 
across  the  network,  where  it’s 
available  to  a  remote  intruder. 

Using  standard  TCP/IP  or 
UDP  protocols,  the  client 
sends  instructions  to  the 
server.  The  server  does  what 
it’s  told  to  do  on  the  infected 
computer. 

Trojans,  including  RATs,  are 
usually  downloaded  inadver¬ 
tently  by  even  the  most  savvy 
users.  Visiting  the  wrong  Web 
site  or  clicking  on  the  wrong 
hyperlink  invites  the  unwant¬ 
ed  Trojan  in.  RATs  install 
themselves  by  exploiting 
weaknesses  in  standard 
programs  and  browsers. 

Once  they  reside  on  a  com¬ 
puter,  RATs  are  hard  to  detect 
and  remove.  For  Windows 
users,  simply  pressing  Ctl-Alt- 
Delete  won’t  expose  RATs, 
because  they  operate  in  the 
background  and  don’t  appear 
in  the  task  list. 

Nefarious  Designs 

Some  especially  nefarious 
RATs  have  been  designed  to 
install  themselves  in  such  a 
way  that  they’re  very  difficult 
to  remove  even  after  they’re 
discovered. 

For  example,  a  variant  of 
the  Back  Orifice  RAT  called 
G_Door  installs  its  server  as 
Kernel32.exe  in  the  Windows 
system  directory,  where  it’s 
active  and  locked  and  controls 
the  registry  keys. 

The  active  Kernel32.exe 
can’t  be  removed,  and  a  reboot 


won’t  clear  the  registry  keys. 
Every  time  an  infected  com¬ 
puter  starts,  Kernel32.exe  will 
be  restarted,  and  the  program 
will  be  active  and  locked. 

Some  RAT  servers  listen  on 
known  or  standard  ports.  Oth¬ 
ers  listen  on  random  ports, 
telling  their  clients  which  port 
and  which  IP  address  to  con¬ 
nect  to  by  e-mail. 

Even  computers  that  con¬ 
nect  to  the  Internet  through 
Internet  service  providers, 
which  are  often  thought  to  of¬ 
fer  better  security  than  static 
broadband  connections,  can 
be  susceptible  to  control  from 
such  RAT  servers. 

The  ability  of  RAT  servers 
to  initiate  connections  can 
also  allow  some  of  them  to 
evade  firewalls,  which  are 
constructed  to  look  for  unso¬ 
licited  incoming  connections. 
An  outgoing  connection  is 
usually  permitted.  Once  a 
server  contacts  a  client,  the 
client  and  server  can  commu¬ 
nicate,  and  the  server  begins 
following  the  instructions  of 
the  client. 

Legitimate  tools  are  used  by 
systems  administrators  to 
manage  networks  for  a  variety 
of  reasons,  such  as  logging 
employee  usage  and  down¬ 
loading  program  upgrades  — 
functions  that  are  remarkably 
similar  to  those  of  some  re¬ 
mote  administration  Trojans. 
The  distinction  between  the 
two  can  be  quite  narrow.  A  re¬ 
mote  administration  tool  used 
by  an  intruder  becomes  a  RAT. 

In  April  2001,  an  unem¬ 
ployed  British  systems  admin¬ 
istrator  named  Gary  McKin¬ 
non  used  a  legitimate  remote 
administration  tool  known  as 
Remotely  Anywhere  to  gain 
control  of  computers  on  a  U.S. 


How  Remote  Administration  Troians  Infect  a  Computer 


Other 

Nonviral 

Malware 

Adbots:  Adbots,  like  spyware, 
are  usually  installed  along  with 
user-selected  freeware.  They 

deliver  unwanted  advertise¬ 
ments. 

Dialers:  Dialers  call  900  num¬ 
bers  and  run  up  phone  bills. 

DDoS  zombie  agents:  These 
programs  allow  infected  com¬ 
puters  to  be  used  in  distrib¬ 
uted  denial-of-service  at¬ 
tacks.  The  zombie  agents  are 
coordinated  to  request  service 
from  the  same  server. 


Keyloggers:  Keyloggers  log  key¬ 
strokes  and  send  the  information 
back  to  clients.  Their  purpose  is 
often  to  find  passwords  and 
account  numbers. 

Spybots:  Spybots  transmit  in¬ 
formation  back  to  vendors  or 
others  interested  in  surrepti¬ 
tiously  tracking  a  user’s  activity 
to  learn,  for  example,  which  Web 
sites  he  has  visited. 


Navy  network. 

By  hacking  a  few  unguarded 
passwords  on  the  target  com¬ 
puters  and  using  illegal  copies 
of  Remotely  Anywhere,  McK¬ 
innon  was  able  to  break  into 
the  Navy’s  network  and  use 
the  remote  administration  tool 
to  steal  information  and  delete 
files  and  logs.  The  fact  that 
McKinnon  launched  the  attack 
from  his  girlfriend’s  e-mail 
account  left  him  vulnerable  to 
detection. 

Some  of  the  famous  RATs 
are  variants  of  Back  Orifice; 
they  include  Netbus,  Sub- 
Seven,  Bionet  and  Hack’a’tack. 
These  RATs  tend  to  be  fami¬ 
lies  more  than  single  pro¬ 
grams.  They  are  morphed  by 
hackers  into  a  vast  array  of 
Trojans  with  similar  capabili¬ 
ties.  O  55488 


Matlis  is  a  freelance  writer  in 
Newton,  Mass.  You  can  reach 
him  atjmtgpcmcm@aol.com. 
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Stellent  Upgrades 
Web  Content  Tools 

■  Stellent  Inc.  has  released  Ver¬ 
sion  7.5  of  Stellent  Site  Studio. 
The  Web  content  management 
software  now  offers  automated 
Web  site  migration  capabilities, 
according  to  the  Eden  Prairie, 
Minn.-based  vendor.  Also  includ¬ 
ed  is  a  new  tool  that’s  designed 
to  let  users  quickly  compare  cur¬ 
rent  and  previous  versions  of 
a  site.  Available  now.  Site  Studio 
is  priced  between  $25,000  and 
$100,000.  It’s  included  with  the 
Stellent  Web  Content  Manage¬ 
ment  suite,  which  is  sold  as  an 
option  to  Stellent  Content  Server. 


Mercury  Partners 
With  Peregrine 

■  Mercury  Interactive  Corp.  and 
Peregrine  Systems  Inc.  have  an¬ 
nounced  a  partnership  in  which 
Mountain  View,  Calif.-based  Mer¬ 
cury  will  integrate  its  application 
management  tools  with  San 
Diego-based  Peregrine’s  asset 
and  service  management  soft¬ 
ware.  When  the  integrated  sys¬ 
tem  begins  shipping  later  this 
year,  customers  will  be  able  to 
use  Mercury  IT  Governance  Cen¬ 
ter  with  Mercury  Application 
Mapping  and  Peregrine  Service- 
Center  to  prioritize  and  manage 
IT  change  requests,  conduct  busi¬ 
ness-impact  analysis  and  auto¬ 
mate  deployment  of  changes,  ac¬ 
cording  to  the  companies.  Pricing 
isn’t  yet  available. 


WebMethods  Offers 
Compliance  Tool 

■  WebMethods  Inc.  has  intro¬ 
duced  webMethods  for  Compli¬ 
ance.  The  software  system  helps 
users  continuously  and  automati¬ 
cally  verify  the  completeness,  ac¬ 
curacy  and  validity  of  transactions 
and  business  processes  in  accor¬ 
dance  with  regulatory  require¬ 
ments,  according  to  Fairfax,  Va.- 
based  webMethods.  Pricing  for 
the  system,  which  is  compatible 
with  Oracle  and  SQL  Server  data¬ 
bases,  ranges  from  $300,000  to 
more  than  $1  million. 


MARK  WILLOUGHBY 

Coder  Be  Agile, 
Coder  Be  Quick 


ANEW  FORCE  is  making  itself  felt  in  the 

world  of  software  development.  Advocates 
of  the  agile  development  methodology 
( www.agilealliance.com )  claim  that  its 
potential  to  increase  productivity  in  some 
areas  is  so  bright  that  coders  are  going  to  need  to  wear 
shades  to  write  software  with  it. 


Instead  of  starting  by  de¬ 
veloping  a  detailed  set  of 
requirements,  agile  method¬ 
ologies  call  for  program¬ 
mers  to  begin  by  writing 
small  chunks  of  functional¬ 
ity  that  can  be  completed  in 
two  to  four  weeks  —  “itera¬ 
tions,”  in  agilespeak.  Mod¬ 
ule  testing  receives  the 
same  level  of  attention  as 
the  actual  writing  of  the 
code.  When  one  iteration 
is  done,  developers  find  the 
next  requirement  to  add  more  function¬ 
ality  to  the  module  just  completed  and 
thereby  start  a  new  iteration. 

Agile  processes  promise  to  deliver 
high-quality,  functioning  software  at  a 
fraction  of  the  time  and  cost  of  tradi¬ 
tional  methods.  Still,  agile  isn’t  likely  to 
replace  the  so-called  waterfall  develop¬ 
ment  methodologies,  those  proven 
ivory  towers  that  have  been  used  for  the 
development  of  everything  from  missile 
guidance  to  widget-tracking  ERP  sys¬ 
tems.  For  many  projects,  especially  big 
ones  with  relatively  fixed  requirements, 
the  Software  Engineering  Institute  and 
its  family  of  Capability  Maturity  Models 
( www.sei.cmu.edu/cmmi )  are  the  gold 
standard  and  will  remain  so. 

What’s  changed  is  product  develop¬ 
ment  in  the  era  of  global  mass  cus¬ 
tomization.  You  can’t  afford  a  three- 
month  requirements-definition  phase 
whose  pieces  are  nebulous  and  evolv¬ 
ing.  The  agile  method  has  at  its  core  the 
ascendance  of  trial  and  error  over  plan¬ 
ning  and  documentation  or,  borrowing 


more  agilespeak,  “early 
value  delivery”  over 
“formalism.” 

Agile  tilts  to  a  more 
intuitive  but  still  disci¬ 
plined  form  of  software 
development.  Build  and  test 
a  software  module  for  that 
widget-tracking  system 
with  a  very  small,  tightly  in¬ 
tegrated  team.  Then  inter¬ 
pret  the  requirements  for 
that  module  in  the  testing 
and  have  the  software  built 
before  the  requirements  even  would 
have  been  developed  using  traditional 
waterfall  methods. 

Agile  already  is  showing  up  in  main¬ 
stream  software  development.  Some 
developers  will  see  it  first  as  part  of  a 
hybrid  methodology,  with  some  parts 
managed  via  waterfall  methods  and 
others  spun  off  to  agile.  Likely  candi¬ 
dates  for  spinning  off  to  an  agile  team 
are  software  modules  that  include  un¬ 
defined  areas  or  functionality  that’s 
likely  to  change. 

Instead  of  waiting  for  dependencies  to 
be  resolved  or  customer  inputs  to  catch 
up  to  requirements,  put  agile  to  work. 
Develop  the  test  plan,  build,  and  test 
with  “Tinkertoy”  interfaces  that  can  be 
easily  updated  when  the  project  catches 
up.  Agile  excels  in  this  environment. 

The  potential  savings  offered  by  the 
agile  method  force  the  global  software 
development  marketplace  to  take  it  se¬ 
riously.  Its  pros  and  cons  are  hotly  de¬ 
bated.  If  agile  does  what  its  proponents 
claim,  it  will  be  disruptive  technology 


for  software  development,  changing 
everything. 

And  if  everything  changes,  there  will 
be  winners  and  losers.  The  winners  will 
include  a  lot  of  those  early  proponents 
who  were  able  to  see  and  embrace  the 
change  —  and  who  didn’t  have  a  large 
stake  in  the  entrenched  way  of  doing 
things.  The  losers  will  mostly  be  devel¬ 
opment  shops  that  have  a  large  stake  in 
the  ancient  regime  and  are  unable  or 
unwilling  to  embrace  the  change. 

Squarely  in  the  sights  of  some  agile 
proponents  is  the  movement  to  off¬ 
shore  development.  Examined  through 
an  agile  lens,  those  billions  of  dollars 
spent  in  developing  software  offshore 
are  suspect.  Is  it  better  to  write  a  great 
set  of  requirements  and  enforce  an  ele¬ 
gant  project  management  system  to 
gain  the  economic  benefit  of  cheap  off¬ 
shore  development?  Or  should  we  be¬ 
gin  defining  an  agile  iteration  in  paral¬ 
lel  with  a  test  plan  and  begin  writing 
software  close  to  home  for  early  deliv¬ 
ery  of  a  functioning  solution? 

Offshore  development  puts  consider¬ 
able  stress  on  some  of  the  cultural  prac¬ 
tices  fundamental  to  agile,  such  as  small 
teams  working  in  close  proximity,  in¬ 
stant  communication  and  tightly  inte¬ 
grated  testing.  Disruptive  technology 
changes  the  rules  in  Bangalore,  Boston, 
Beijing  and  Berlin.  Being  close  to  the 
agile  project —  “visibility,”  in  agilespeak 
—  puts  a  premium  on  proximity  and 
new  types  of  project  management  tools. 

But  it  would  be  a  mistake  to  assume 
that  agile  brings  a  sustainable  advantage 
to  onshore  developers  in  the  U.S.  Once 
the  offshore  community  gets  on  board 
with  agile  —  and  they  are  starting  to  do 
so  —  they  will  adopt  new  management 
tools  and  methods  and  continue  to  en¬ 
joy  the  same  cost  advantages  they  do 
now,  albeit  at  a  faster  pace.  ©  55661 
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Farewell  to  Fiefdoms 

The  Southern  Co.  was  ahead  of 
its  time  when  it  pioneered  an  IT 
shared-services  concept  10  years 
ago.  Today,  it’s  reaping  the  benefits 
on  the  bottom  line  and  in  the  career 
paths  of  its  CIOs.  Page  42 


ADVICE 

Managers’  Forum 

Check  out  the  debut  of  Paul  Glen’s 
advice  column,  in  which  he  answers 
readers’  questions  about  the  art  and 
craft  of  management.  One  reader  asks 
how  to  manage  a  CIO  with  a  bad  case  of 
“rock-star-itis.”  Page  44 


Career  Watch 

IT  hiring  activity  is  expected  to  be 
brighter  in  the  third  quarter  because 
of  business  expansion,  especially  among 
large  companies  and  in  New  England, 
according  to  a  new  report  from  Robert 
Half  Technology.  Page  46 
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As  more  organizations  store  more 
data  longer,  the  IT  industry  seeks 
a  better  way.  BY  LUCAS  MEARIAN 


record  is  a  record, 
whether  it’s  a  sheet  of 
paper,  an  e-mail,  an  elec¬ 
tronic  document  or  a 
digital  image. 

“It’s  the  content  that  drives 
retention,  not  the  media  it’s 
written  on,”  says  Adam  Jansen,  a 
digital  archivist  for  the  state  of 
Washington.  And  recent  federal 
regulations  are  requiring  more 
companies  to  save  more  content 
for  longer  periods  of  time. 

While  content  may  be  king  in 
theory,  in  practice,  the  media  on 


which  it’s  stored  and  the  soft¬ 
ware  that  stores  it  present  prob¬ 
lems.  As  digital  tapes  and  opti¬ 
cal  discs  pile  higher  and  higher 
in  the  cavernous  rooms  of  off¬ 
site  archive  providers,  business¬ 
es  are  finding  them  increasingly 
expensive  to  maintain. 

The  software  that  created 
the  data  has  limited  backward 
compatibility,  so  newer  versions 
of  a  program  may  not  be  able  to 
read  data  stored  under  older 
versions. 

Moreover,  the  media  on 


<  ADAM  JANSEN,  digital  archivist  for  the  state  of  Washington,  explains, 
“It's  the  content  that  drives  retention,  not  the  media  it’s  written  on.” 
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which  the  data  is  stored  degrade  rela¬ 
tively  quickly.  “Ten  years  is  pushing  it 
as  far  as  media  permanence  goes,”  says 
Jansen. 

Varied  Approaches 

Today,  the  only  safe  path  to  long-term 
archiving  is  repeated  data  migration 
from  one  medium  and  application  to 
another  throughout  the  data’s  life  span, 
experts  say. 

But  the  storage  industry  is  working 
on  the  problems  from  various  angles. 

One  solution  to  the  backward-com¬ 
patibility  problem  is  to  convert  data  to 
common  plain-text  formats,  such  as 
ASCII  or  Unicode,  which  support  all 
characters  across  all  platforms,  lan¬ 
guages  and  programs.  Using  plain-text 
formats  to  store  data  enables  virtually 
any  software  to  read  the  files,  but  it 
can  cause  the  loss  of  data  structure 
and  rich  features  such  as  graphics. 

Another  approach  is  to  use  PDF  files 
to  store  long-term  data.  There  can  be 
backward-compatibility  problems  with 
PDFs,  but  the  file  format’s  developer, 
Adobe  Systems  Inc.,  has  created  an 
archival  version  of  its  software,  called 
PDF/A,  that  addresses  them. 

To  date,  the  most  promising  stan¬ 
dard  data-storage  technologies  are 
emerging  in  new  XML-based  formats, 
according  to  analysts  and  studies.  XML 
is  a  file  format  and  self-describing 


_  Best 
Practices 

■  Categorize  your  data  according 
to  its  importance. 

■  Create  polices  about  which  data 
to  retain  and  how  long  to  retain  it. 

■  Establish  a  migration  path  for  your 
data.  Don’t  upgrade  willy-nilly. 

■  Don’t  retain  data  longer  than 
you  must. 

■  Create  strong  vendor  partnerships 
to  defer  costs  and  establish  trust. 


markup  language  that  is  independent 
of  hardware  and  operating  systems. 

On  the  media  side,  the  Storage 
Networking  Industry  Association 
(SNIA)  is  working  toward  solving 
what  it  calls  the  “100-year  archive 
dilemma”  through  a  standards  effort 
for  media.  The  goal  is  to  store  data  in  a 
format  that  will  always  be  readable  by 
a  generic  reader. 

“Degrading  media  is  not  at  all  the  is¬ 
sue.  Rather,  the  real  issue  is  long-term 
readers  and  compatibility  —  the  logi¬ 
cal  problem  which  we  intend  to  ad¬ 
dress,”  says  Michael  Peterson,  presi¬ 
dent  of  Strategic  Research  Corp.  in 


Santa  Barbara,  Calif.,  and  program  di¬ 
rector  for  the  SNIA  Data  Management 
Forum. 

Some  businesses  are  postponing  the 
long-term  archival  problem  with  large 
farms  of  disk  arrays,  which  keep  data 
online  and  accessible.  Jim  Damoulakis, 
chief  technology  officer  at  Framing¬ 
ham,  Mass.-based  consultancy  Glass- 
House  Technologies  Inc.,  suggests  that 
companies  look  into  using  an  emerg¬ 
ing  class  of  inexpensive  disk  arrays  as 
a  storage  medium.  “At  least  you  know 
the  data  is  there  and  readable,”  he  says. 
“A  tape  or  optical  media  sitting  in  a 
vault  can  degrade.” 

The  new  disk  arrays,  sometimes 
called  disk  libraries,  are  based  on  rela¬ 
tively  inexpensive  ATA  disks,  formerly 
used  only  in  PCs. 

Peterson  says  that  this  is  a  tempo¬ 
rary  solution,  however.  “Long  term,  I 
am  not  sure  that  current  disk  inter¬ 
faces  won’t  have  the  same  migration 
problem  [as  tape],”  he  says.  “Whether 
it  is  tape  or  disk,  you  are  going  to  have 
to  migrate.” 

Managing  Metadata 

Meanwhile,  users  struggle  on.  Last 
October,  for  example,  Jansen  and  his 
IT  team  completed  a  three-year  proj¬ 
ect  to  create  an  open-systems-based 
archive  management  center  for  the 
state  of  Washington  that  will  house 


records  from  3,300  state  and  local 
agencies  in  perpetuity. 

The  center,  in  Cheney,  Wash.,  cur¬ 
rently  stores  5TB  of  data  and  is  expect¬ 
ed  to  grow  to  25TB  by  the  end  of  the 
year.  It  cost  about  $1.5  million  for  man¬ 
agement  software  and  hardware,  in¬ 
cluding  servers,  a  storage-area  net¬ 
work  and  tape  drives.  Washington 
spent  $1  million  more  on  a  joint  devel¬ 
opment  project  with  Microsoft  Corp., 
which  is  helping  the  state  create  what 
it  hopes  will  become  an  open  format. 

“We  want  to  avoid  proprietary  file 
formats  to  the  extent  it’s  possible,” 
Jansen  says. 

He  says  that  the  most  important  part 
of  any  long-term  archival  system  is 
centralizing  the  backup  of  data  in  or¬ 
der  to  be  able  to  standardize  the  stor¬ 
age  method.  At  the  heart  of  the  state’s 
archival  system  is  the  storage  of  meta¬ 
data,  the  information  that  describes 
the  data. 

When  documents  are  transmitted 
over  the  WAN  to  a  central  data  center, 
information  such  as  who  created  the 
document,  what  type  of  document  it  is, 
where  it  was  created,  when  it  was  cre¬ 
ated  and  why  is  was  created  is  cap¬ 
tured  and  stored  in  a  SQL  database. 
That  way,  “20  years  from  now,  you 
don’t  have  to  know  that  particular  doc¬ 
ument,  but  you  can  perform  a  search 
based  on  the  record  type,”  Jansen  says. 

The  state’s  system  also  notes  which 
computer  originated  the  data.  “We 
capture  the  actual  IP  address,  CPU 
type  and  Ethernet  adapter.  We  get  the 
digital  fingerprint  of  that  computer,” 
says  Jansen.  This  helps  to  prove  the 
authenticity  of  data.  In  addition,  the 
state  issues  a  digital  certificate  for 
any  document  using  the  MD5  hashing 
algorithm  to  verify  the  authenticity  of 
that  data. 

Most  data  is  kept  in  a  standard  for¬ 
mat:  Word  documents  are  turned  into 
PDF  files,  and  images  are  converted 
into  TIFF  files. 

Jansen  says  he  is  considering  using 
Microsoft’s  Office  12  and  its  new  XML- 
based  file  format  as  a  standard  archiv¬ 
ing  format  in  the  future. 

And  virtually  everyone  hopes  that 
standard  —  or  another  one  —  will  stick. 
Peterson  sums  up  the  100-year  dilemma 
this  way:  “There  aren’t  what  we’d  call 
standards  for  long-term  archiving  — 
only  best  practices.”  ©  55446 


YOU  THINK  YOU  NEED  STORAGE? 

The  National  Archives  is  planning  a  system  to  store 
every  White  House  e-mail,  starting  with  those  created 
during  President  Clinton's  second  term: 
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BEFORE  YOU  ARCHIVE 


AS  ORGANIZATIONS  struggle 
with  the  physical  problems  as¬ 
sociated  with  archiving,  many 
are  also  addressing  the  theo¬ 
retical  underpinnings.  They 
are  beefing  up  their  policies 
around  how  they  classify  and 
store  data,  partly  in  response 
to  regulations  such  as  the  Sar- 
banes-Oxley  Act  and  the 
Health  Insurance  Portability 
and  Accountability  Act. 

“Unquestionably,  the  foun¬ 
dation  of  any  archiving  system 
is  strong  records  management 
skills,”  says  Adam  Jansen,  a 
digital  archivist  for  the  state  of 
Washington. 

And  while  the  development 
of  products  and  standards  will 
help  companies  as  they  deal 
with  backward  compatibility  of 


software  and  degradation  of 
media,  records  management  is 
something  they  can  begin  to 
tackle  today. 

Any  archival  scheme  should 
start  with  creating  an  audit  trail 
to  ensure  the  authenticity  of 
the  data,  says  Jim  Damou¬ 
lakis,  CTO  at  GlassHouse 
Technologies.  The  plan  should 
also  include  categorizing  data 
according  to  its  importance, 
which  can  dramatically  affect 
the  cost  of  the  systems.  “With¬ 
out  an  archiving  strategy  in 
place  -  and  that's  common 
today  -  your  entire  storage 
infrastructure  will  be  eaten  up 
over  time  with  legacy  data,”  he 
says.  “Going  through  the  exer¬ 
cise  of  doing  some  level  of 
data  identification  and  classifi¬ 


cation  is  a  critical  first  step." 

Mario  Carlos,  head  of  IT  at 
Manila  Electric  Co.  in  the  Philip¬ 
pines,  says  he  began  to  formu¬ 
late  a  long-term  preservation 
plan  by  prioritizing  his  data. 

His  priorities  are  based  on  reg¬ 
ulatory  requirements,  econom¬ 
ic  feasibility,  operational  ease, 
obsolescence,  available  tech¬ 
nology  and  the  difficulty  of 
changing  current  operations. 

To  assist  in  records  man¬ 
agement,  information  classifi¬ 
cation  management  software 
and  appliances  have  been 
emerging  over  the  past  year 
from  vendors  such  as  Kazeon 
Systems  Inc.,  StoredlQ  Inc., 
Arkivio  Inc.,  Index  Engines  Inc. 
and  Scentric  Inc. 

The  technology  scans  un¬ 


structured  file  data  and  applies 
lexicons  of  keywords  to  identify 
likely  target  documents.  For  ex¬ 
ample,  the  engines  can  be  set 
to  identify  data  related  to  com¬ 
pliance  with  Securities  and 
Exchange  Commission  regula¬ 
tions  or  HIPAA,  or  to  earmark 
data  for  legal  discovery. 

-  Lucas  Mearian 
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before  they  arise.  Then  leave  it  be— the  optional  remote  management2  tools  let  you  keep  track  of  your  server  no 
matter  where  you  are.  And,  for  a  fast,  easy  backup  solution,  bundle  it  with  the  all-new  HP  StorageWorks  DAT  40  USB 
internal  tape  drive.  Just  another  reliable  solution  from  the  HP  Smart  Office  Portfolio. 


SMART  ADVICE  >  SMART  TECHNOLOGY  >  SMART  SUPPORT 


Three-year  Care  Pack 

Add  three  years,  next-business-day  on-site  support  for  $199 

Visit  our  Web  site  to  download  a  free  guide: 

Getting  Started  with  HP  Systems  Insight  Manager 


Call  1-888-291-0364 
Click  hp.com/go/ML330mag2 
Contact  your  local  reseller 


Prices  shown  are  HP  Direct  prices;  reseller  and  retail  prices  may  vary.  Prices  shown  are  subject  to  change  and  do  not  include  applicable  state  and  local  taxes  or  shipping  to  recipient’s  address.  Offers  cannot  be  combined  with  any  other  offer  or  discount,  are  good  while  supplies  last  and  are  available  from  HP  Direct 
and  participating  HP  resellers.  All  featured  offers  available  in  U.S.  only.  Savings  based  on  HP  published  list  price  of  configure-to-order  equivalent  ($1 ,427  -  $358  Instant  savings  =  $1 ,069).  Certain  warranty  restrictions  and  exclusions  may  apply.  For  complete  warranty  details,  call  1  -800-345-1 51 8  (U.S.).  1 .  For  hard 
drives,  GB=billion  bytes.  2.  Optional  Remote  Insight  Lights-Out  Edition  II  (RILOE  10.  Intel,  Intel  Inside,  the  Intel  Inside  Logo  and  Intel  Pentium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  ©2005  Hewlett-Packard  Development  Company,  L.P. 


42 


COMPUTERWORLD  July  25, 2005 


MANAGEMENT 


Farewell 

Fiefdoms 

Moving  to  shared  IT  services  has  boosted  The 
Southern  Co.’s  bottom  line  -  and  the  careers 
of  its  divisional  CIOs.  By  Thomas  Hoffman 


IN  THE  24  years  that  Bart  Wood 
has  worked  at  The  Southern  Co., 
he’s  done  everything  from  cost 
accounting  to  managing  power 
delivery.  But  Wood’s  background 
in  customer  service  has  served 
him  particularly  well  over  the  past 
eight  years  as  CIO  at  Georgia  Power, 
one  of  seven  operating  companies  for 
Southern,  a  super-regional  energy 
provider  based  in  Atlanta. 

That’s  because  Wood,  like  other  divi¬ 
sional  CIOs  at  Southern,  is  responsible 
not  only  for  overseeing  IT  activities  at 
Georgia  Power  but  also  for  managing 
customer  service,  marketing  and  hu¬ 
man  resources  systems  operations  for 
all  of  Southern. 

Similarly,  Aline  Ward,  a  21-year 
company  veteran,  is  not  only  CIO  at 
Southern’s  Mississippi  Power  operat¬ 
ing  company  but  is  also  responsible  for 
the  entire  company’s  transmission  and 
distribution  systems. 

Wood  and  Ward  personify  South¬ 
ern’s  IT  shared-services  organization, 
which  the  company  pioneered  in  the 
mid-1990s.  “We  were  way  ahead  of  our 
time,”  says  Ward.  “There  was  no  one 
else  doing  anything  like  this  10  years 
ago,  so  there  was  no  one  to  model  our¬ 
selves  after.” 

The  shared-services  effort  was 
spearheaded  by  then-CIO  Tom  Fan¬ 
ning,  who  is  now  Southern’s  chief  fi¬ 
nancial  officer.  Fanning  wanted  to  cre¬ 
ate  synergies  among  operating  units 
and  reduce  costs  by  providing  com¬ 
mon  desktop  support,  application 
maintenance  and  other  IT  services  to 
Southern’s  operating  companies. 

Prior  to  the  formation  of  the  IT 
shared-services  organization,  known 
as  Southern  Company  Services,  there 


was  a  lot  of  redundancy  even  within 
single  divisions.  Individual  operating 
companies  often  used  several  systems 
—  three  or  four  accounting  systems, 
for  example  —  for  the  same  purpose. 
There  was  also  little  commonality 
among  operating  systems  or  e-mail 
platforms  used  by  each  entity. 

This  buildup  of  redundant  systems 
was  the  result  of  “little  fiefdoms”  that 
had  cropped  up  in  each  of  the  operat¬ 
ing  companies,  Ward  explains. 

‘Throwing  Jell-0’ 

It  wasn’t  easy  to  convince  all  of  South¬ 
ern’s  far-flung  IT  workers  to  buy  into 
the  notion  of  a  shared-services  IT 
organization. 

“There  were  some  folks  [in  IT]  who 
didn’t  want  to  be  centralized.  It  was 
like  throwing  Jell-O  on  the  wall  and 
hoping  it  would  stick,”  says  Becky 
Blalock,  who  has  been  Southern’s  se¬ 


nior  vice  president  and  CIO  for  the 
past  three  years. 

Blalock  worked  outside  of  IT  during 
the  first  18  years  of  her  career  before 
becoming  CIO  at  Georgia  Power  in 
1995,  and  that  helped  her  drive  the  cen¬ 
tralization  effort,  at  least  within  her 
business  unit.  “Being  an  outsider  to  IT 
was  almost  an  advantage  to  me,  since  I 
didn’t  have  any  emotional  attachments,” 
she  says. 

Fanning’s  charisma  and  his  vision 
for  IT  helped  smooth  the  transition  to 
a  shared-services  environment;  the 
fact  that  divisional  CIOs  picked  up 
functional  responsibilities  also  helped, 
Ward  says.  Before  then,  “we  [in  IT] 
were  all  essentially  order  takers,  and 
Tom  Fanning  wouldn’t  stand  for  that,” 
she  recalls. 

Another  step  that  eased  the  transi¬ 
tion  was  the  creation  of  technology 
leadership  teams  for  each  functional 
area.  For  example,  Ward  meets  month¬ 
ly  with  nine  business  and  IT  delegates 
from  different  operating  companies  to 
discuss  transmission  and  distribution 
issues,  such  as  technologies  that  could 
help  make  Southern’s  transmission 
grid  more  reliable.  They  also  monitor 
and  update  the  company’s  progress  to¬ 
ward  meeting  goals  in  a  five-year  mas¬ 
ter  plan  for  each  functional  area.  And 
the  group  frequently  evaluates  up¬ 
grades  and  replacements  to  core  sys¬ 
tems  such  as  job  estimating  and  track¬ 
ing  systems,  Ward  adds. 

It’s  all  part  of  a  strategy  aimed  at 
helping  Southern  run  as  efficiently 
as  possible,  with  each  operating  unit 
responsible  for  its  own  profits  and  loss¬ 
es.  “We  have  to  be  successful  as  oper¬ 
ating  companies,  but  we  also  have 
to  be  successful  as  Southern  Co.,” 
says  Ward. 

The  division  of  functional  responsi- 


THE  CENTRALIZED  MODEL  seems  to 
be  working  well  for  The  Southern  Co. 
as  it  continues  to  drive  down  IT  costs, 
gain  efficiencies  and  improve  customer 
satisfaction  ratings.  The  company 
has  cut  annual  IT  spending 
from  $280  million  in  2000 
to  $242  million  this  year, 
says  Southern  Senior  Vice 
President  and  CIO  Becky 
Blalock. 

Meanwhile,  head  count  in 
the  IT  shared-services  group 
has  dropped  from  a  peak  of 


1,400  people  in  2000  to  roughly  950, 
she  adds. 

But  customer  service  ratings  have 
moved  in  the  opposite  direction  -  from  a 
score  of  2.8  out  of  5  in  the  first  year  of 
the  IT  shared-services  effort 
to  a  solid  4.6  rating  last  year, 
notes  Bart  Wood,  CIO  at  the 
Georgia  Power  division. 

“We’ve  taken  a  lot  of  the 
costs  out  of  IT,”  Blalock  ob¬ 
serves.  “And  we  aren’t  fin¬ 
ished  yet.” 

-  Thomas  Hoffman 
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AT  A  GLANCE 

The  Southern  Co. 

;■  HEADQUARTERS:  Atlanta 

■  BUSINESS  Super-regional 
power  company 

■  .  ..  ■  $11.9  billion 

■  2004  EARNINGS.  $1.53  billion 

■  2005  IT  BUDGET:  $242  million 

■  IT  STAFF:  950 


bilities  among  the  CIOs  “seems  rather 
unique  to  Southern,”  says  Rick  Nichol¬ 
son,  an  analyst  at  Energy  Insights,  a 
unit  of  market  research  firm  IDC. 

And  because  Southern  is  trying  to 
centralize  those  activities,  “it  makes 
sense  to  have  one  person  responsible 
for  each  area,”  says  Zarko  Sumic,  an 
analyst  at  Gartner  Inc. 


Pioneers  and  Mavericks 

Southern  is  used  to  taking  pioneering 
approaches  to  IT  and  business.  It  was 
one  of  the  first  companies  to  create 
roles  for  business  analysts  as  liaisons 
between  IT  and  the  business  units, 
says  Ward.  And  when  the  dot-com 
boom  and  explosive  economic  expan¬ 
sion  in  the  U.S.  were  leading  many  or¬ 
ganizations  to  put  more  IT  responsibil¬ 
ities  in  the  hands  of  business  man¬ 
agers,  the  energy  giant  began  centraliz¬ 
ing  its  IT  operations. 

Southern’s  maverick  approach 
seems  to  be  working  across  the  board. 
The  systems  consolidation  and  cen¬ 
tralization  effort  has  helped  the  com¬ 
pany  slash  both  its  budget  and  head 
count.  And  according  to  Blalock,  the 
shared-services  group  received  its 
highest-ever  customer  satisfaction  rat¬ 
ings  in  2004.  “We  are  definitely  doing 
more  with  less  and  doing  it  very  well,” 
she  says. 

Having  functional  responsibilities 
also  provides  terrific  career  opportuni¬ 
ties  for  divisional  CIOs  like  Wood, 
since  they  are  able  to  develop  critical 
IT  and  business  management  skills 
that  can  eventually  be  applied  to  other 
parts  of  Southern’s  operations. 

“If  you  asked  me  what  my  next  job 
would  be,  it  would  probably  be  as  head 
of  customer  service  for  an  operating 
company,”  Wood  says. 

That  kind  of  career  path  is  plausible 
for  business-sawy  CIOs  like  Wood, 
says  Nicholson,  “because  they’re  very 
versed  in  that  business  process  and  its 
reliance  upon  IT.”  O  55450 
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Welcome  to  the 
Managers’  Forum! 

My  goal  is  to  pro¬ 
vide  an  opportu¬ 
nity  for  lively  dis¬ 
cussion  on  the  art 
and  craft  of  man¬ 
agement.  I’ll  do 
my  best  to  an¬ 
swer  your  ques¬ 
tions,  and  there 
will  be  room  for  your  responses  as 
well.  Please  send  your  questions, 
comments  and  critiques  to  me  at 
management@paulglen.com. 


HI  have  more  than  eight  years  of  ex¬ 
perience  in  IT  and  am  pursuing  my 
MBA  in  management  technology. 
Although  I’ve  earned  several  certificates  for 
computer  training  courses  throughout  the 
years,  I  have  no  Microsoft  certifications. 
After  earning  my  MBA,  will  I  need  to  have 
some  certifications  under  my  belt  if  I  want 
to  gain  a  management  position  in  IT?  It 
sounds  like  you  have  committed  your¬ 
self  to  a  career  of  learning,  and  not 
only  is  that  admirable,  it’s  necessary  to 
grow  and  advance  —  congratulations! 
You’re  at  a  major  crossroad  in  your  ca¬ 
reer,  and  it’s  time  to  make  some  hard 
decisions. 

Early  careers  are  driven  by  increas¬ 
ing  your  depth  and  breadth  of  techni¬ 
cal  knowledge.  One  very  popular  way 
to  demonstrate  continued  technical 
growth  is  with  certifications.  As  you 
learn,  you  are  able  to  deliver  more  val¬ 
ue  to  your  employers  and  should  be 
recognized,  compensated  and  promot¬ 
ed  for  the  increased  value. 

But  at  some  point,  you  have  to  decide 
how  you  are  going  to  continue  to  add 


more  value  to  your  organization.  On 
the  path  of  technical  value,  you  become 
ever  more  specialized  and  narrowly  fo¬ 
cused  on  your  technical  knowledge. 

You  deliver  more  value  through  the 
depth  of  your  knowledge.  On  the  path 
of  managerial  value,  you  add  more  val¬ 
ue  by  making  others  more  productive. 

If  you  are  committed  to  going  the 
managerial  path,  forget  about  the 
MCSE.  It  will  do  nothing  for  you  or 
your  employers,  since  the  technical 
value  you  can  add  will  dimmish  rapidly. 

If  you  want  to  continue  to  be  pri¬ 
marily  technical,  get  the  MCSE.  Slow 
down  on  the  MBA  but  don’t  quit  it  al¬ 
together,  because  deeply  technical 
people  with  good  business  knowledge 
are  even  more  valuable  than  those  who 
have  none. 

While  it  may  seem  attractive  to  try 
to  go  both  ways,  it’s  not  possible  for 
any  but  the  most  amazingly  energetic 
and  talented  people.  The  technical 
people  who  can  manage  brilliantly  are 
the  alien  abductees  of  the  IT  world. 
There  are  far  fewer  people  who  can  do 
this  than  there  are  people  who  think 
that  they  can. 

HThe  staffers  don’t  want  to  take  the 
time  to  fill  out  time  reports  on 
what  projects  they  are  working  on, 
their  supervisors  don’t  care  enough  to  en¬ 
force  it,  and  management  won’t  do  anything 
but  “remind  them.”  What  can  I  do?  If  the 
staff  doesn’t  care  about  it,  the  supervi¬ 
sors  don’t  care  about  it,  and  the  execu¬ 
tives  pay  only  lip  service  to  these  re¬ 
ports,  they  probably  aren’t  really  im¬ 
portant.  If  you  are  trying  to  collect 
data  that  no  one  uses,  it’s  hopeless. 
Don’t  bother. 

Just  get  rid  of  the  rule.  Having  unen¬ 


forced  and  widely  disregarded  rules 
can  breed  an  attitude  of  contempt  for 
all  the  rules.  In  IT  departments,  for 
every  rule  imposed,  management  pays 
a  price  in  flexibility,  morale  and  re¬ 
spect.  Pick  your  rules  carefully,  and 
then  enforce  them  appropriately. 

If  you  want  people  to  track  their 
time  closely,  they  need  a  good  reason 
to  do  so.  Let  the  staffers  estimate  their 
own  work,  and  use  the  time  tracking  to 
test  the  accuracy  of  their  estimates. 
That  will  help  them  learn  how  to  im¬ 
prove  their  estimation  skills,  so  they 
may  put  up  with  it. 

If  you  want  the  supervisors  to  insist 
on  time  tracking,  they  should  be  evalu¬ 
ated  not  on  enforcing  the  rule,  but  on 
using  the  information  to  bring  their 
projects  in  on  time. 

HHow  do  I  guide  my  CIO  to  stay  fo¬ 
cused  on  the  work  of  the  company 
rather  than  spend  large  percent¬ 
ages  of  his  time  public  speaking  and  apply¬ 
ing  for  awards?  I’m  afraid  that  the  CIO  may 
be  getting  “rock-star-itis.”  I  know  the  teams 
need  recognition  beyond  the  company,  but 
what’s  the  right  balance?  If  your  CIO  is 
more  interested  in  building  his  public 
profile  than  in  running  the  IT  function, 
you’ve  got  a  real  problem.  In  my  book 
Leading  Geeks,  I  suggest  that  an  IT 
leader  has  four  key  responsibilities: 

■  Furnishing  internal  facilitation. 

■  Providing  external  representation. 
■  Nurturing  motivation. 

■  Managing  ambiguity. 

If  a  CIO  is  focusing  on  any  one  of 
these  to  the  exclusion  of  others,  the  or¬ 
ganization  suffers.  The  CIO  is  shirking 
important  parts  of  his  responsibilities 
and  needs  to  either  change  his  approach 
or  be  replaced. 

Being  an  active  member  of  the  IT 
management  community  is  an  ad¬ 
mirable  and  valuable  thing  for  a  CIO.  A 
speech  here  or  there,  a  magazine  inter¬ 
view  or  two,  or  even  serving  on  the 
board  of  a  professional  association  is  a 
good  thing  to  do.  But  it  doesn’t  take 
that  big  a  time  commitment.  And  while 
the  PR  generated  by  CIO  awards  isn’t 
a  bad  thing  for  any  company  or  the 
morale  of  the  IT  staff,  it  does  rather 
little  to  keep  the  systems  running. 

Rock-star  behavior  is  personal  glory¬ 
seeking,  not  effective  representation 
of  the  IT  group.  That  stance  is  easily 
spotted  by  the  staff  and  is  appropriate¬ 
ly  met  with  derision  and  disgust. 

There  are  no  rock  stars  in  the  IT 
world.  We  do  things  that  are  absolutely 
essential  but  hardly  glamorous.  If 
someone  is  just  resume-padding,  he 
needs  a  good  kick  in  the  rump  roast. 

O  54660 


WHILE  WE’RE  ON 
THE  SUBJECT... 


WHAT  SI  LOGICS 
F0 R  II  AN  MBA 

These  are  the  top  five  skills  IT  employers 
find  attractive  in  MBA  graduates: 

Ability  to  think  strategically 
Ability  to  think  analytically 
Leadership  skills 
Oral  communication  skills 
Quantitative  skills 


WHERE  IT  MBAs 
FALL  SHORT 

These  are  the  top  five  skills  IT  employers 
think  MBA  graduates  need  to  improve: 

Leadership 

Ability  to  make  decisions 
with  imperfect  information 

Interpersonal  skills 

Initiative/risk-taking  ability 

Written  communication  skills 


SOURCE:  GRADUATE  MANAGEMENT  ADMISSION 
COUNCIL  2005  SURVEY  OF  1,691  RECRUITERS 

More  for  the 
Outgoing  CIO 

IF  YOU’RE  A  CIO  WHO  ENJOYS  being  in 
the  public  eye,  one  of  Gartner  Inc.’s  CIO  must- 
do  resolutions  for  2005  may  be  just  the  ticket: 
Notch  up  your  external  public  relations  activi¬ 
ties,  Gartner  ai^jses,  but  first  get  professional 
advice.  ■ 

That  means  moving  beyond  the  occasional 
conference  presentation  to  learn  how  to  deal 
with  a  tougher  audience:  the  press.  But  the  pay¬ 
off  is  the  ability  to  bring  flattering  attention  not 
only  to  yourself,  but  also  to  your  IT  group  and 
your  company.  “Compared  with  their  business 
peers,  CIOs  are  often  ill-prepared  to  deal  with 
the  press,  resulting  in  ineffectual  or  counterpro¬ 
ductive  public  statements,"  Gartner  says.  “Op¬ 
portunities  exist  to  gain  competitive  advantage 
from  PR,  but  you  should  professionalize  your 
competence.” 


AMONG  GARTNER’S  SUGGEST! 

Get  professional  PR  coaching  for 
yourself  and  your  team. 

Offer  your  views  about  how  changes 
to  your  industry  are  catalyzed  by 
technology. 

Resist  the  temptation  to  comment 
about  the  future  of  a  technology  that 
your  company  neither  makes  nor  sells. 

Seize  your  share  of  the  PR  payback 
when  an  IT  project  facilitates  product 
or  service  innovation  that’s  visible  to 
customers. 


EMC 

where  information  lives 


Fr:  being  alone  with  your  information  management  challenges 


EMC  SERVICES  CAN  HELP  YOU  GET  MORE  FROM  YOUR  INFORMATION.  With  EMC,  you  get  the  combined 
expertise  of  over  7,000  consultants,  specializing  in  everything  from  comprehensive  analysis  and  long-term 
planning  to  proven  implementation  and  support.  It’s  the  insight  you  need  to  archive  information  efficiently, 
enable  compliance,  maintain  business  continuity,  and  take  on  new  challenges.  And  it’s  the  first  step  toward 
creating  an  information  lifecycle  management  strategy  that  fits  your  business.  To  put  EMC’s  award-winning 
services  to  work  for  you,  visit  www.EMC.com/services. 


EMC*,  EMC,  and  where  information  lives  are  registered  trademarks  of  EMC  Corporation.  ©  Copyright  2005  EMC  Corporation.  All  rights  reserved. 


46  COMPUTERWORLD  July  25,  2005 


MANAGEMENT 


www.computerworld.com 


Half  of  the  Fortune  500  companies  have 
dealt  with  at  least  one  incident  related  to 
computer  pornography  in  the  workplace 
over  the  past  12  months,  according  to  a 
survey  released  last  month. 

Corporations  are  taking  the  problem  seri¬ 
ously;  survey  respondents  said  that  those 
responsible  were  fired  in  44%  of  the  cases 
and  disciplined  in  41%. 

The  survey  was  con¬ 
ducted  by  Delta  Consulting, 
an  Atlanta-based  market 
research  company.  The 
respondents  were  executives  from  50  of  the 
Fortune  500  in  industries,  including  manufac¬ 
turing,  retail,  health  care,  banking/financial 
services  and  telecommunications.  The  indi¬ 
viduals  polled  ranged  from  senior  vice  presi¬ 
dents  to  managers. 

Of  those  polled,  74%  said  they  were  fully 
aware  that  computer  porn  in  the  workplace  can 
form  the  basis  for  employee  claims  of  sexual 


THEX-rated 

WORKPLACE 


harassment  and  a  hostile  work  environment. 
Flowever,  only  54%  described  themselves  as 
being  totally  cognizant  that  attorneys  looking  for 
evidence  in  such  cases  will  first  want  to  see  a 
company’s  records  on  Internet  usage,  e-mail 
traffic  and  images  on  hard  drives. 

“At  the  root  of  the  issue,  companies 
are  liable  -  it’s  their  equipment  and  their 
employees,"  said  Alain 
Recaborde,  principal  of 
Delta  Consulting.  “Not  all 
of  them  realize  that.” 
Recaborde  split  the 
people  polled  into  three  groups.  Twenty-five 
percent,  particularly  those  at  the  senior  exec¬ 
utive  level,  were  very  sensitive  to  the  topic  of 
computer  porn  at  work  and  the  legal  issues  sur¬ 
rounding  it.  But  on  the  flip  side,  another  25% 
didn’t  seem  to  be  aware  of  the  issue  or  con¬ 
cerned  about  it.  “Then,  there’s  50%  in  the  mid¬ 
dle  who  could  go  either  way,”  Recaborde  said. 

-  China  Martens,  IDG  News  Service 


Charlie 

Jones 


A0  I  ft  might  just  have 
II Q# II  been  a  blip,  but 
April  was  a  ban¬ 
ner  month  for  job  creation.  Ac¬ 
cording  to  the  Bureau  of  Labor 
Statistics,  the  U.S.  economy  added 
274,000  jobs  in  April,  or  roughly 
100,000  more  than  analysts  had 
expected. 

The  gains  also  reflected  an 
uptick  in  the  hiring  of  temporary 
IT  workers,  according  to  Yoh,  a 
staffing  and  outsourcing  services 
firm  with  more  than  80  locations  in 
the  U.S.  and  U.K.  Computerworld' s 
Thomas  Hoffman  spoke  with  Yoh’s 
Charlie  Jones  about  hiring  trends 
for  temporary  IT  workers. 


TITLE:  Vice 
president 


Yoh 

Staffing  Solu¬ 
tions  Ltd.,  War¬ 
rington,  England 


What  were  you  able  to  glean  from  the 
April  jobs  report  in  terms  of  hiring 
prospects  for  temporary  IT  workers? 

I  think  you’re  going  to  start  seeing  an  upward 
spiral.  Everything  that  we've  been  seeing  indi¬ 


cates  that  there’s  increased  demand  for  IT 
professionals  across  all  regions  and  within 
different  parts  of  companies.  We’ve  been 
seeing  a  fairly  substantial  increase  in  demand 
for  project  managers,  application  developers 
-  especially  in  [enterprise  application  integra¬ 
tion]  technologies.  There’s  a  big  increase 
in  demand  for  Java-type  skills,  a  nice  blip  in 
the  ERP/CRM  world  and  also  in  the  data 
warehousing  space. 

In  the  last  couple  of  years,  IT  budgets  were 
slashed  and  new  project  developments  were 
put  on  the  back  burner.  Now,  some  of  those 
monies  have  been  freed  up,  and  organizations 
are  looking  at  what  types  of  projects  are  go¬ 
ing  to  drive  ROI,  and  that’s  where  we’re  see¬ 
ing  the  greatest  increase  in  activity. 

Are  there  particular  industries  where 
hiring  for  temporary  IT  workers  is 
strongest?  A  lot  of  work  is  becoming  avail¬ 
able  in  banking  and  finance.  There  are  some 
nice  increases  in  pharmaceuticals.  We’ve 
seen  a  substantial  blip  in  the  retail  sector. 

How  is  this  affecting  wages?  Over  the  last 
few  years,  wages  had  been  compressed. 

Now,  hourly  wages  are  going  up  for  contract 
consultants,  with  a  lot  of  higher-end  profes¬ 
sionals  getting  multiple  offers.  We’re  seeing 
more  and  more  counteroffers  and  an  increase 
in  the  bill  rates  that  we're  sending  back  to  our 
clients.  It’s  even  starting  to  outstrip  supply, 
which  will  cause  labor  rates  to  increase. 

Is  there  any  way  to  quantify  the  increase 
in  wages  over  the  past  three  to  six 
months?  I  haven’t  put  the  pen  to  paper  on  this 
yet,  but  it  looks  like  it’s  a  5%  to  6%  increase 
since  the  beginning  of  the  year.  0  55314 


Time  to 
Get  Away 

Do  employees  in 
your  organization  feel 
more  comfortable  taking 
time  off  this  year? 


SOURCE  WORKFORCE  MANAGEMENT 
MAGAZINE  ONLINE  POLL,  JULY  2005; 
457  RESPONDENTS 
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IT  hiring  activity  is  expected  to  increase 
in  the  third  quarter.  According  to  the  “Robert  | 
Half  Technology  Information  Technology  Hiring  J 
Index  and  Skills  Report,"  14%  of  more  than 
1,400  CIOs  interviewed  said  they  plan  to  I 


add  full-time  IT  staff  in  the  third  quarter,  j 
while  3%  anticipate  personnel  reduc¬ 
tions  and  81%  expect  to  maintain  cur-  I 


rent  staff  levels.  The  numbers  translate  to  a 
net  11%  hiring  increase,  compared  with  a  net 
5%  increase  forecast  a  year  earlier.  That’s 
the  largest  net  increase  in  hiring  activity  in 
12  quarters,  the  report  said. 

What’s  driving  the  IT  hiring?  Business 
expansion  was  cited  by  38%  of  respon¬ 
dents  as  the  leading  factor,  followed  by 
demand  for  increased  customer  and  end- 
user  support,  at  21%. 

Executives  at  the  largest  firms  (1,000  or 
more  employees)  forecast  the  highest  levels 
of  IT  hiring  activity,  and  CIOs  in  New  England 
were  the  most  optimistic  about  future  hiring. 

Conducted  by  an  independent  research 
firm,  the  national  poll  includes  responses 
from  CIOs  from  a  stratified  random  sample  of 
U.S.  companies  with  100  or  more  employees. 

Compiled  by  Jamie  Eckle. 


WHAT’S  IN  DEMAND 


Windows  administration 

77% 

Wireless  network 
management 

48% 

SQL  Server  management 

47% 

Cisco  network  administration 

43% 

Check  Point  firewall 
administration 

29% 

Visual  Basic  development 

27% 

Active  Server  Page 
development 

23% 

.Net  development 

21% 

XML  development 

21% 

Linux  administration 

18% 

Oracle  database  management 

18% 
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Finally, 
business  and  IT 
speak  the  same  language. 
SAP  Net  Weaver  '  is  an  open 
platform  that  takes  flexibility 
to  another  level.  It  allows  you  to 
quickly  implement  new  business 
strategies  and  drive  competitive  advantage 
—  all  while  boosting  productivity  and  letting 
you  leverage  your  existing  IT  investments. 
Visit  sap.com/technology  to  learn  why  thousands 
of  customers  already  rely  on  SAP  NetWeaver. 


THE  BEST-RUN  BUSINESSES  RUN  SAP 
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Open-Source 

What  are  your  plans  for 
open-source  software? 

2004 


Base:  140  North  American  companies 
Percentages  don't  equal  100  because  of  rounding. 
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Base:  128  North  American  companies 
Percentages  don’t  equal  100  because  of  rounding. 

SOURCE.  FORRESTER  RESEARCH  INC.. 
CAMBRIDGE.  MASS.  JUNE  2005 


If  you’re  not  using  or 
planning  to  use  open-source, 
why  not? 


Lack  of  skills/familiarity 

mmssammm  67% 

Lack  of  applications 

HHOHH52% 

Lack  of  support 

36% 

Product  immaturity 

mm  30% 

Security 


Unexpected  license  costs 

mm  18% 

Fear  that  open-source 
community  will  splinter 
or  disappear 

16% 

Don’t  know 
16% 


Base:  33  North  American  companies 
nor  using  or  planning  to  use  open-source 
software.  Multiple  responses  allowed. 

SOURCE  FORRESTER  RESEARCH  INC  . 
CAMBRIDGE.  MASS.  JUNE  2005 


STEFAN  STEURS 


Offshoring:  A 
View  From  Europe 


I’M  A  READER  OF  Computerworld  on  the  other 
side  of  the  Atlantic.  When  I  read  “The  ‘O’  Word 
Reconsidered”  [QuickLink  54064],  I  was  glad  to 
see  that  someone  in  the  U.S.  was  treating  this 
subject  from  a  different  point  of  view  than  the 
one  I’ve  been  hearing  and  reading  lately. 

The  stance  on  outsourcing  taken  by  some  U.S.  citi¬ 
zens  in  articles,  columns  and  e-mails  is  sometimes  grim. 
At  some  point,  it  often  starts  to  sound  very  arrogant, 
not  to  say  racist.  Here  are  the  arguments,  as  I  see  them: 


Americans  frequently 
question  the  quality  of 
“offshore”  education.  But 
there  are  good  universities 
all  over  the  world  teaching 
students  in  English  about 
IT  so  they  can  become 
well-educated  software  de¬ 
velopers.  Education  is  the 
way  forward  to  democracy 
and  prosperity,  so  shouldn’t 
we  be  happy  that  those  peo¬ 
ple  can  get  it?  Democracy 
and  prosperity  are  what 
we’re  all  after,  aren’t  they? 

Moreover,  the  power  of 
numbers  can’t  be  denied. 

The  “offshore”  workforce  accounts  for 
one-third  of  the  world’s  population. 
And  improving  education  systems  and 
emerging  modern  infrastructures  will 
generate  more  pools  and  pockets  of 
talent,  whether  we  like  it  or  not. 

What’s  more,  the  quality  of  the  soft¬ 
ware  that  we  in  the  West  have  been 
building  has  often  been  criticized,  too. 
Are  we  in  a  position  to  pass  blame  to 
other  people  about  lack  of  quality 
when  we  haven’t  been  doing  such  a 
great  job  ourselves? 

Wages  are  another  point  of  con¬ 
tention.  A  lot  of  people  in  the  “off¬ 
shore”  countries  are  very  motivated 
and  work  for  far  less  than  their  Euro¬ 


pean  and  American  col¬ 
leagues.  For  people  with 
fewer  opportunities,  lower 
wages  are  better  than  no 
wages  at  all. 

True,  Americans  and 
Europeans  sometimes  lose 
jobs  to  these  people,  but 
aren’t  we  over-represented 
in  terms  of  the  proportion 
of  the  world’s  IT  workers 
to  our  relative  populations? 
Can  it  be  called  fair  that  we 
deny  people  of  the  largest 
countries  in  the  world  a 
fair  share  of  the  market? 
The  Asian  market  is  de¬ 
veloping  quickly.  It  represents  a  giant 
opportunity,  and  protectionism  won’t 
buy  a  lot  of  goodwill. 

Involvement,  on  the  other  hand,  will 
lead  to  mutual  benefits.  Don’t  forget 
that  when  these  local  economies  get 
going,  they’ll  become  markets  for  the 
products  and  services  you’ll  be  offer¬ 
ing  tomorrow. 

We’ve  seen  other  sectors  going 
through  the  same  motions.  Producers 
of  goods  like  clothing  and  electronics 
have  mostly  abandoned  the  U.S.  and 
Western  Europe  in  favor  of  places 
with  cheap  labor,  relaxed  ecological 
rules  and  low-priced  raw  materials. 
This  has  not  always  happened  in  a 
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very  fair  way,  and  sometimes  it  has 
looked  like  exploitation. 

Fortunately,  IT  requires  educated 
and  skilled  people,  a  decent  infrastruc¬ 
ture  and  appropriate  working  condi¬ 
tions.  Even  our  IT  equipment’s  need 
for  clean  and  climate-controlled  oper¬ 
ating  conditions  makes  the  playing 
field  more  level. 

I  can  appreciate  that  IT  workers  feel 
threatened,  but  fear  is  a  bad  factor  in 
decision-making.  A  better  reaction  is 
to  make  sure  that  you  can  be  competi¬ 
tive.  If  you  are  good  at  what  you  do, 
then  strive  to  get  even  better  —  work 
harder,  be  flexible  and  enhance  your 
knowledge  and  skills. 

IT  has  made  this  world  smaller  and 
more  connected,  and  the  outsourcing/ 
offshoring  of  software  development 
can  help  create  the  global  village  we 
say  we’re  seeking.  In  this  village,  we 
will  all  be  neighbors,  and  good  neigh¬ 
bors  are  what  we  need.  Such  a  village 
requires  mutual  respect,  involvement 
and  cooperation,  not  isolation  and 
fortresses. 

The  idea  of  a  level  playing  field  may 
not  be  appealing  to  the  politicians  who 
seek  to  protect  power  and  influence  or 
to  the  big  corporations  that,  above  all, 
want  to  maximize  profits  and  lower 
production  costs.  It  may  not  seem  ap¬ 
pealing  to  people  who  might  lose  their 
jobs.  Nevertheless,  not  accepting  fair 
and  equal  opportunities  for  all  the 
people  who  live  in  this  village  can’t  be 
the  way  to  go. 

Advances  will  be  in  the  interest  of 
the  whole  world,  not  limited  to  a  lucky 
few.  If  you  don’t  get  involved  in  global¬ 
ization,  if  you  don’t  develop  your  rela¬ 
tionships,  then  chances  are  you  will  be 
overtaken  and  left  behind.  O  55190 


WANT  OUR  OPINION? 

OFor  more  columns  and  links  to  our  archives,  go  to 

www.computerworld.com/opinions 


HP  Proliant  BL20P  G3  blade  server 


with  ProLiant  Essentials  Management  Software 

•  Up  to  2  Intel®  Xeon™  Processors  (3.60GH^/2MB)' 

•  High  density:  Up  to  48  servers  per  rack 

■  Fiexible/Open:  Integrates  with  existing  infrastructure 

•  HP  Systems  Insight  Manager™:  Web-based  networked 
managment  through  a  single  console 

•  Rapid  Deployment  Pack:  For  ease  of  deployment  and 
ongoing  provisioning  and  reprovisioning 


HP  STORAGE  WORKS  MSA1500cs 


Get  2TB  of  Storage  Free  (52,800  Value)’ 

■  Up  to  24TB  of  capacity  (96  250GB  SATA  drives) 

■  Up  to  16TB  of  capacity  (56  300GB  SCSI  drives) 

■  Ability  to  mix  SCSI  and  Serial  ATA  enclosures 
for  greater  flexibility 

•  2GB/1GB  Fibre  connections  to  host 


The  HP  ProLiant  BL20p  G3  blade  server  with  the  Intel  '  Xeon™  Processor  simplifies  server  management. 
Simple  to  set  up,  simple  to  monitor,  simple  to  manage.  It  all  starts  with  the  Rapid  Deployment 
Pack,  giving  you  an  automated  setup  process  to  configure  and  deploy  servers  at  a  high  volume 
and  a  rapid  pace.  Then  HP  Systems  Insight  Manager™  carefully  monitors  your  infrastructure, 
alerting  you  to  potential  problems  before  they  occur.  And,  whenever  you're  away  from  the  office, 
the  remote  management  features  let  you  manage  your  server  no  matter  where  you  are.  Plus,  you 
can  bundle  it  with  the  HP  StorageWorks  MSA1500  to  make  storing  your  data  simple,  scalable 
and  affordable.  So  with  HP,  you  get  more  expertise  before  you  buy,  more  technology  when  you 
do  and  more  support  after. 


SMART  ADVICE  >  SMART  TECHNOLOGY  >  SMART  SUPPORT 


Download  a  free  IDC  white  paper: 

Reducing  Total  Cost  of  Ownership 
Through  the  Use  of  Blade  Systems. 

Save  $750  instantly 

on  a  blade  enclosure  solution?'* 

See  Web  site  for  details. 


Call  1-866-356-6090 
Click  Hp.com/go/bladesmag3 
Visit  your  local  reseller 


1.  Intel's  numbering  is  not  a  measurement  of  higher  performance.  2.  Receive  up  to  2TB  of  storage  free  with  purchase  of  HP  StorageWorks  Modular  Smart  Array  1500  cs  devices.  3,  Save  $750  instantly  on  the  purchase  of  any  HP  BladeSystem  pCIass  enclosure. 
Offer  valid  through  7/31/05.  4.  Save  $750  instantly  on  the  purchase  of  a  BladeSystem  pCIass  1U  power  enclosure  solution.  Offer  valid  through  10/31/05.  All  offers  available  from  HP  Direct  and  participating  resellers.  Prices  shown  are  HP  Direct  prices,  are 
subject  to  change  and  do  not  include  applicable  state  and  local  sales  tax  or  shipping  to  recipient's  destination.  Reseller  prices  may  vary.  See  Web  site  for  full  details.  Photography  may  not  accurately  represent  exact  configurations  priced.  Associated  values 
represent  HP  published  list  price.  Intel,  Intel  Inside,  the  Intel  Inside  Logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  ©2005  Hewlett-Packard  Development  Company.  L  P. 
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INTELLIGENCE 

PERSPECTIVES 


Got  an  award-worthy 
business  intelligence 
project? 

Submit  it  for  consideration 
by  August  12th! 


.COMPUTERWORLD 

BUSINESS  INTELLIGENCE  PERSPECTIVES 

Best  Practices 

IN  BUSINESS  INTELLIGENCE 


AWARDS  PROGRAM 


Visit  www.biperspectives.com 


Find  Real  Solutions  for  Achieving 
Business  Intelligence  Success 


September  26-28,  2005  •  Hyatt  Regency  at  Gainey  Ranch  •  Scottsdale,  Arizona 


Featured  Speakers  Include: 


JAMES  A.  BELL 

General  Manager,  Operating  Services 
Union  Pacific  Railroad 

JON  FARRAR 

Vice  President,  Predictive  Modeling 
Union  Bank  of  California 

TONY  FULLER 

Vice  President  &  Chief  Information  Officer 
Rent-A-Center 

ANDY  GEORGE 

Senior  Vice  President  of  Technology 
Profitline 

ROBERT  GRAY 

Vice  President,  Infrastructure  Metrics 
Bank  of  America 

BRIAN  HICKIE 

Vice  President,  Business  Intelligence 
McKesson  Corporation 

BARBARA  KINDEL 

Vice  President,  IS  Solutions  Engineering 
Calpine 


STACY  J.  SMITH 

Vice  President  &  Chief  Information  Officer 
Intel 


The  Leading  Executive 
Conference  for: 

•  Business  Intelligence  Applications 

•  Performance  Management 

•  Risk  Management 

•  Analytic  Technologies 

•  Data  Warehousing  and  Mining 
•CRM  and  ERP 

•  Regulatory  IT 

•  Best  Practices  in  Bl 

To  register  or  for  more  information, 
visit  www.biperspectives.com/cw 


See  solutions  from  companies  including:  (as  of  7/21/05) 


CONFERENCE  UNDERWRITER 

PLATINUM  SPONSORS 

COCP-SDS 

Business  Objects' 

LAWSON' 

THE  NEXT  LEVEL 

OF  PERFORMANCE™ 

ORACLE' 

asaa 

The  Power  to  Know. 
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MEDIA  &  ASSOCIATION  SPONSORS 

UWMkiR  EcoSvotus 

For  sponsorship  opportunities,  call  John  Amato  at  508-820-8279 


Owned  and  Produced  by 
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As  far  as  business  models  go,  ours  is  pretty  simple. 

At  U.S.  Cellular®,  we  treat  our  customers  the  way  we  want  to  be  treated  -  with  respect,  appreciation  and  loyalty.  We  understand  that  in 
order  to  keep  our  customers,  we  must  to  do  everything  in  our  power  to  make  their  experience  with  us  a  rewarding  one. 

The  same  holds  true  with  our  own  associates.  As  an  Information  Systems  or  Engineering  Professional  with  U.S.  Cellular,  you  will  discover 
a  diversified  group  of  skilled  professionals  who  all  share  one  thing  in  common:  an  uncompromising  commitment  to  do  whatever  it  takes  to 
make  the  customer  experience  satisfying  -  and  to  enjoy  a  career  experience  just  as  rewarding. 

If  you're  looking  to  join  an  organization  that  cares  as  much  about  associate  satisfaction  as  it  does  its  customers',  take  a  good  look  at 
U.S.  Cellular.  To  explore  all  of  our  current  Information  Systems  and  Engineering  positions,  please  visit:  www.uscellular.com  today.  EOE. 


"7^  U.S.  Cellular 

We  connect  with  vow. 


www.uscellular.com 


Aggressive  Growth 


Great  for  your  portfolio. 

Even  better  for  your  career. 

UnitedHealth  Group  is  a  company  that’s  going  places,  and  the  mainframes  are  critical  to  getting  us 
there.  We're  expanding,  growing  and  developing  into  a  diverse  organization  destined  to  be  the 
name  in  health  and  well  being.  In  just  the  past  year,  we’ve  acquired  leading  companies  like  Mid- 
Atlantic  Medical  Services  (MAMSI),  HomeCall,  Definity  Health,  Oxford  Health.. ..just  to  name  a  few. 
Our  growth  translates  into  your  growth. 

Right  now,  our  Computer  Data  Center  has  multiple  openings  in  Hartford,  CT  and  Minneapolis,  MN 
for  MAINFRAME  IT  professionals  in  the  following  areas: 

•  CICS  Systems  Programmers  (Req#i4i047) 

•  z/OS  Consultant  Leads  (Req  #  141053) 

•  Mainframe  DB2/IMS  DBA  (Req  #141718) 

•  Mainframe  Storage  Architects  (Req  #141105) 

•  IMS  Systems  Programmers  (Req  #141045) 

•  DB2  Systems  Programmers  (Req  #  141046) 

•  Endevor  Administrator  (Req  #138859) 

Here  the  environment  is  fast.  Projects  are  diverse.  Managers 
are  highly  visible  and  approachable.  Mainframes  play  a  key  role 
in  our  application  hosting  operations.  Basically,  you’ll  be 
surrounded  by  the  best  technology,  people  and  resources  the 
industry  has  to  offer.  That's  why  at  UnitedHealth  Group,  our 
motto  is: 

Healthy  Business.  A  Rare  Combination. 

The  next  step?  Apply  on  line  at: 
www.unitedhealthgroup.com/careers 


Diversity  creates  a  healthier  atmosphere:  An  equal  opportunity  employer.  M/F/D/V. 


CME,  the  largest  and  most  diversified 
financial  exchange  in  the  world  for 
trading  futures  and  options  on  futures, 
is  proud  to  be  acknowledged  in 
Computerworld's  1 00  Best  Places 
to  Work  in  IT  for  2005. 


We  are  currently  seeking  experienced 
technology  professionals  to  join  our  dynamic  team: 

Senior  QA  Analyst 
Unix/Linux  Administrator 
Senior  Java/J2EE  Programmer  Analyst 
Lead  Network  Engineer 

Review  detailed  position  descriptions, 
explore  additional  career  opportunities  and  apply  online  at: 


.0 


www.cme.com 


emeu 

Chicago  Mercantile  Exchange 

Equal  Opportunity  Employer 
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We  have  multiple  openings  for  the  following  positions  to  work  at 
client  sites  throughout  the  United  States.  Send  Resumes  to:  Webilent 
Technology  Inc,  259  A  Main  St.  Suite  #5  Nashua,  NH  03060. 

Senior  Java  Software  Engineer  -  Provide  software  expertise  and  lead  the 
team  which  maintains  and  develops  improved  interfaces  for  new  and 
existing  mission  critical  applications.  Oversee  the  design  and  develop¬ 
ment  of  software  applications  using  Java,  JDBC,  J2EE,  JSP,  Struts,  Web¬ 
sphere,  Weblogic,  Tomcat  and  XML.  Perform  object  oriented  methodolo¬ 
gies  and  problem  diagnosis.  Ensure  pmjr— ‘ completed  in  timely  man¬ 
ner. 

Senior  Oracle  Software  Engineer  -  Design,  develop  and  customize 
Oracle  Applications  using  Oracle  Forms,  Reports,  Stored  Procedures  and 
PL/SQL.  Solve  system  issues.  Provide  design  recommendations  to  assist 
in  generating  requirements  and  improving  performance  and  reliability  of 
existing  and  new  software.  Lead  a  team  of  programmers  to  implement  the 
application. 

Senior  Software  Engineer  -  Interpret  requirements  and  generate  software 
design  specifications.  Carry  our  effort  estimation  for  new  development. 
Implement  software  modules  in  C/C++  or  Java.  Conduct  code  and  docu¬ 
ment  reviews.  Perform  unit  testing  of  software  modules.  Develop  simula¬ 
tion  and  test  tools.  Support  system  integration  and  field  integration.  Main¬ 
tain  and  support  existing  software  modules  and  provide  technical  guid¬ 
ance  to  team  members. 

Lead  Database  Administrator  -  Manage  a  number  of  databases  for  devel¬ 
opment,  test  and  production  environments.  Resolve  problems  and  per¬ 
form  peer-review  of  SQL/PL  SQL  for  best  practices  will  be  undertaken  as 
projects  move  through  the  development  lifecycle. 

Senior  Mainframe  Software  Engineer  -  Analyze  the  business  needs,  pre¬ 
pare  the  technical  specifications  and  test  the  application  using  COBOL, 
VSAM,  CICS,  DB2,  Fiieaid,  and  MVS/ESA.  Work  on  performance  effi¬ 
ciency,  troubleshooting,  and  production  support.  Lead  a  team  of  pro¬ 
grammers  to  implement  the  application. 

Senior  QA  Software  Engineer  -  Analyze,  design,  develop  and  prepare  the 
test  scripts  for  the  business  applications  in  collaboration  with  Systems 
Engineer  requirements  and  design  process.  Will  work  with  testing  tools 
Winrunner,  QTP,  and  Test  Director  on  Windows  NTA/Vindows  2000/Unix 
Operating  Systems.  Will  lead  a  team  of  testers  to  implement  the  applica¬ 
tion. 

Senior  SAP  Software  Engineer  -  Perform  configuration  of  WM,  MM  and 
TF  technology  implementation.  Analyze  SAP  systems.  Perform  ABAP/4 
programming  using  WM,  SD,  FI/CO  PP  modules.  Perform  validations  and 
testing.  Lead  the  development  team  and  integration  effort  for  the  imple¬ 
mentation  of  contracts  business  processes  in  SAP  R/3  sales  and  distrib¬ 
ution  (SD).  Propose  technical  solutions  and  ensure  fit  with  Enterprise 
Architectural  Guidelines. 

Senior  Unix  Administrator  -  Oversee  and  perform  Unix  System  adminis¬ 
tration,  TCP/IP  Network  Administration,  system  planning,  clustering,  per¬ 
formance  tuning,  application  monitoring,  hardware/software  evaluation 
and  shell  scripting  in  Sun  Solaris/HP-UX/AIX/Red  Hat  platforms. 

Sr.  Net  Software  Engineer  -  Design,  develop  and  test  software  applica¬ 
tions  using  SQL  Server,  ASP.net,  C#,  VB.Net,  XML  and  Crystal  Reports. 
Perform  troubleshooting,  query  optimization,  testing  and  production  sup¬ 
port.  Lead  a  team  of  programmers  to  implement  the  application. 
Participate  in  internal  program  reviews.  Manage  and  mentor  the  develop¬ 
ment  staff.  Ensure  development  is  completed  according  to  policies  and 
procedures. 

Sr.  SAP  Business  Analyst  -  Perform  business  process  analysis,  design¬ 
ing,  business  problem  management  and  project  implementations. Will 
work  on  implementation  and  Integration  of  FI/CO,  SD,  HR,  MM  and  other 
modules  of  SAP  R/3.  Integration  of  PP  and  MM  with  other  SAP  R/3  mod¬ 
ules  SD,  WM  &  FI/CO. 


Technical  Lead:  Verso  Technolo¬ 
gies,  Inc.  seeks  applications  for 
the  position  of  Technical  Lead  in 
the  following  areas:  Network 
Engineering,  Software  Engin¬ 
eering,  Quality  Assurance.  The 
Technical  Lead-Network  Engin¬ 
eering  position  involves  analyz¬ 
ing  and  diagnosing  problems 
regarding  telecommunication, 
Voice  Over  Internet  Protocol 
(VOIP)  hardware  and  software. 
Requirements  for  the  Technical 
Lead  -  Network  Engineering 
include  a  Master's  degree  or 
equivalent,  two  years  of  network 
engineering  experience  and 
working  knowledge  of  Voice 
Over  Packet  Switching  (VOPS) 
and  VOIP  technology  and  tele¬ 
phony  signaling  protocols.  Tech¬ 
nical  Lead-Software  Engineer¬ 
ing  position  involves  full  life- 
cycle  design  and  development 
of  VOIP  software  including  tele¬ 
phony  and  network  telecommu¬ 
nications  software  applications 
for  high  availability  systems. 
Requirements  include  Master's 
Degree  or  equivalent,  two  years 
of  software  engineering  experi¬ 
ence,  and  working  knowledge  of 
C/C++,  VOIP  software  and  tele¬ 
phony  signaling  protocols.  Tech¬ 
nical  Lead-Quality  Assurance 
involves  the  testing  of  hardware 
and  VOIP  software  for  compli¬ 
ance  with  telecommunications 
protocols  and  product  release 
feature  requirements.  Require¬ 
ments  include  a  Master's  De¬ 
gree  or  equivalent,  two  years  of 
quality  assurance  engineering 
experience  and  working  knowl¬ 
edge  of  creating  test  specifica¬ 
tions  from  software  product 
requirements  and  generation  of 
test  scripts  for  telephony  and 
VOIP  protocol  validation  product 
requirements.  All  positions  are 
located  in  Littleton,  Colorado. 
Send  resume  by  mail  to  Larry 
Schwartz,  Verso  Technologies, 
Inc.,  1221  W.  Mineral  Avenue, 
Suite  100,  Littleton,  Colorado 
80120. 


Software  Engineer.  Plan,  des¬ 
ign,  develop  &  implement  cus- 
tomizations  to  Oracle  Applica¬ 
tions  Suite  in  jewelry  manufac¬ 
turing  &  distribution  operation 
performing  gap  analysis,  custom 
development,  configuration,  im¬ 
plementation,  migration  &  devel¬ 
opment  of  interface  for  many 
third  party  systems.  BS,  Compu¬ 
ter  Science  or  Engineering;  5  yrs 
progressively  more  responsible 
information  technology  exp., 
including:  Oracle  Developer  6i, 
PL/SQL,  &  Workflow;  1  year 
exp.  Oracle  Application  Modul¬ 
es,  including  Order  Manage¬ 
ment,  Advanced  Pricing,  Inven¬ 
tory,  Purchasing  &  WIP.  Exp. 
may  be  obtained  concurrently. 
Send  resume  to  Stutter,  Inc.  302 
Rue  Louis  XVI,  Lafayette,  LA 
70850.  Must  apply  w/in  30  days 
&  refer  to  job#25097. 


Systems  Administrator 
Metuchen,  NJ 

Sunrise  Systems  a  software 
consulting  &  development  com¬ 
pany  has  multiple  openings  for 
experienced  professionals  to 
install/configure/support  HP/Sun 
Solaris  Servers,  Brocade  Swit¬ 
ches.  Tune  Kernel  Parameters  & 
Memory  Cache.  Install  /  main¬ 
tain  Legato,  Omni  Backup,  Veri¬ 
tas  Netbackup,  Veritas  Clusters 
&  MC  Service  Guard.  Provide 
support  of  systems  availability  & 
implement  Network  Node  Mana¬ 
ger,  IT  Openview,  systems  secu¬ 
rity  measures  &  SOX  implemen¬ 
tation.  Install  HP  Command 
View  &  Secure  Manager.  We 
offer  competitive  salaries  &  pro¬ 
fessional  work  environment.  For 
immediate  consideration  send 
resume  to:  Sunrise  Systems 
Inc.,  Attn.:  HR  -  21A,  PO  Box 
4647,  Metuchen,  NJ  08840. 


Software  Engineer.  Plan,  des¬ 
ign,  develop  &  implement  cus- 
tomizations  to  Oracle  Applica¬ 
tions  Suite  in  jewelry  manufac¬ 
turing  &  distribution  operation: 
will  perform  gap  analysis,  cus¬ 
tom  development,  configuration, 
implementation,  migration  & 
development  of  interface  for 
many  third  party  systems.  BS, 
Computer  Science  or  Engineer¬ 
ing;  5  yrs  progressively  more 
responsible  information  technol¬ 
ogy  exp.,  including:  JAVA,  JSP, 
Oracle  Developer  6i,  PL/SQL,  & 
Workflow;  1  yr.  exp.  Oracle 
Application  Modules,  including 
Order  Management,  Advanced 
Pricing,  inventory,  &  Purchasing. 
Experience  may  be  obtained 
concurrently.  Send  resume  to 
Stuller,  Inc.  302  Rue  Louis  XVI, 
Lafayette,  LA  70850.  Must  apply 
w/in  30  days  &  refer  to 
job#25096.  _ 


Software  Engineer 

Develop  SW  solutions  for  China 
email  address  validation,  daily 
email  newsletter  delivery  to 
China,  email  db  maintain,  up¬ 
date,  data  process,  web  data 
analysis,  &  counter  Internet  fil¬ 
tering  practice  in  China  &  sys¬ 
tem  administration  for  Linux/ 
Windows  servers.  Job  in  Cary, 
NC.  Req:  M.S.  in  CIS/CS,  1  yr. 
exp.  Working  knowledge  in 
Written  Mandarin.  Skills  in  TCP/ 
IP,  Perl,  Java,  C/C++,  VB.  40 
hrs/wk.  Resume/Ad  to  Dynamic 
Internet  Technology,  Box  #240, 
2731  NC  HWY.  55,  Cary,  NC 
27519. 


Programmer  Analyst  needed 
w/Bachelors  or  Foreign  Equiva¬ 
lent  in  Engg.  or  Comp  Scie.  or 
Math  &  1  yr  exp  to  analyze, 
design,  develop,  test  &  docu¬ 
ment  application  s/ware  using 
Sybase  ASE,  MS  SQL  Server, 
Visual  Source  Safe,  ASP.  Net, 
Centura  SQL  Windows,  ASP, 
Borland  Code  Wright,  SAP, 
Siebel,  Rumba,  Test  Director  on 
Sun  Solaris,  Unix  &  Windows 
2000/XP.  Mail  res  to: 
Compulnfo,  22  Meridian  Rd, 
Suite  #17,  Edison,  NJ  08820. 
Job  Location:  Edison,  NJ  or  in 
any  unanticipated  locations  in 
U.S. 


VOIP  application  en¬ 
gineers.  B’Ham,  AL. 
Req:  MSEE  &  exp 
w/Cisco  routers  & 
Linux/Unix  &  voice 
over  IP.  US  workers 
only:  R  Hoff,  Compe¬ 
tent  Staffing  Resour¬ 
ces,  1415  Paradise 
Cove  Lane,  Wilson- 
ville,  AL  35186. 


Computer  &  Information 
System  Manager 

Plan,  dir.,  rev.  &  mnge  act. 
involved  in  web  architecture, 
application,  DB  design, 
development  &  implement. 
Req:  MS  in  CS,  2  yrs.  related 
exp.  skills  in  PHP,  Peri,  Py¬ 
thon,  ASP,  Javascript,  CSS, 
Photoshop,  Linux,  MYSQL, 
Apache,  MS  SQL/Access/ 
Foxpro.  40hr/wk.  Resume/Ad 
to  HR  of  the  Artist  Group  at 
8a  Irongate  Dr,  Waldorf,  MD 
20602. 
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Driving  Innovation,  Bringing  Value,  and  Embracing  Change 

Drive  Your  Career  and 
Your  Business  Toward  Success! 
Detroit,  Michigan  •  August  17  -  20,  2005 

Detroit  Marriott  at  the  Renaissance  Center  •  Detroit,  Ml  48243  •  (313)  568-8000 


Whether  you  want  to  checkout  the 
latest  technologies,  find  a  new  job, 
or  market  your  business,  the  BDPA 
Conference  is  the  place  to  be: 

•  Leading-Edge  Workshops 
and  Seminars 

•  Entrepreneur  Focused 
Workshops  and  Events 

•  Youth  Technology  Camp 

•  BDPA  IT  Golf  Classic 

•  High  School  Computer 
Competition 


More  than  40  exhibitors  & 
recruiters  from  the  nation's 
eading  employers  will  be 
conducting  on-site  interviews. 
For  maximum  exposure,  upload 
your  resume  today: 
www.bdpa.careers.monster.com 

Career  Fair 


eareei 


ech 

EXPO 


Visit:  www.bdpa.org  to  register  today! 

BDPA  -  6301  Ivy  Lane,  Suite  700  -  Greenbelt,  MD  20770 
Phone:  301-220-2180  -  Fax:  301-220-2185  -  (800)  727-BDPA 


BiRa  Systems,  located  in 
Albuquerque,  NM,  seeks  a 
Software  Engineer.  The  po¬ 
sition  requires  a  Masters 
Degree  in  Computer  Sci¬ 
ence  and  knowledge  of 
Complex  Problem  Solving, 
Programming  and  Technol¬ 
ogy  Design.  Fax  resumes  to 
Phil  Biswell,  CEO  at  505- 
888-0651  or  mail  resumes 
to:  BiRa  Systems,  2410 
Midtown  Place,  NE,  Suite  A, 
Albuquerque,  NM,  87107, 
Attn:  Phil  Biswell. 


WebFeat,  Inc.,  located  In  Ojai, 
CA,  seeks  a  Software  Engin¬ 
eer  for  their  location  in 
Fairfax,  VA.  The  position  re¬ 
quires  a  Masters  Degree  in 
Computer  Science  and  1  year 
experience  in  Systems  Analy¬ 
sis,  Programming  and  Troub¬ 
leshooting.  Fax  resumes  to 
Marge  Ehmann,  Office  Man¬ 
ager  at  516-908-4311  or  mail 
resumes  to:  WebFeat,  Inc., 
212  Del  Norte  Road,  Ojai,  CA 
93023,  Attn:  Marge  Ehmann. 


Computer  Software 
Engineer,  Applica¬ 
tions  wanted  by  ap¬ 
parel  company  in 
L.A,  CA.  B.S.  in 
Comp.  Sci.  Mail  re¬ 
sume  to  HR  at  4162 
Bandini  Blvd.,  Los 
Angeles,  CA  90023. 


SAP  Consultant,  ABAP 
Progr,  Design  Engg 
(PDM/CAE),  Embedded 
Systems,  Plant  Automa¬ 
tion  &  Progr  Analysts 
needed  for  IT  firm  to 
work  at  various  sites 
throughout  US.  BS,  MS 
or  equiv  in  CS,  EE, 
Mech,  Bus  Adm,  Finan¬ 
ce  or  related.  Pis  mail 
resume  to  HR,  33533 
West  12  Mile  Rd,  #131, 
Farmington  Hills,  Ml 
48331. 


IT  PROFESSIONALS 
TAJ  Technologies,  Inc  delivers 
cutting-edge  IT  solutions  to  cli¬ 
ents  nationwide.  We  are  seeking 
fully  qualified  candidates  for  the 
following  positions  (multiple  op¬ 
enings):  Programmers  to  devel¬ 
op  &  write  computer  programs  to 
store,  locate  &  retrieve  docu¬ 
mentation.  Software  Engineers 
(Systems  Software)  to  resear¬ 
ch,  design,  develop  &  test  oper¬ 
ating  systems-level,  compilers  & 
network  distribution  for  business 
applications,  applying  principles 
of  engineering.  All  positions 
involve  use  of  one  or  more  of  the 
following:  Ematrix,  VC++,  MFC, 
Sybase,  Visual  Studio.NET.  C#, 
Tibco,  Filenet,  Linux,  Java, 
J2EE,  JavaScript,  SAS,  Factory 
Works.  HTML,  XML,  UML,  Perl, 
C,  C++.  UNIX,  Coldfusion.  DB2/ 
SQL  Server,  Crystal  Reports, 
Oracle,  SQL  Server.  All  positions 
require  bachelor's  (or  foreign 
education  equiv  of  same)  in 
related  field  plus  1  yr  relevant 
experience.  Relocation  to  vari¬ 
ous  client  sites  in  U.S.  as  need¬ 
ed.  Send  resume  &  specify  posi¬ 
tion  you  are  seeking  to:  TAJ 
Technologies,  Inc.,  1168  North¬ 
land  Dr.,  Mendota  Heights,  MN 
55120  Attn:  Bryan.  EOE. 


ATTENTION: 

Law  Firms  IT  Consultants  Staffing  Agencies 


Place  your  Labor 
Certification  ads  here! 

Are  you  frequently  placing  legal  or  immigration  advertisements? 

Let  us  help  you  put  together  a  cost  effective  program  that  will  make 
this  time-consuming  task  a  little  easier. 


Contact 

Danielle  Tetreault  at: 

800-762-2977 


it  careers 


Panex  Consulting.  Inc.  d/b/a 
Panex  KPIT  is  seeking  a  CIS 
Project  Manager.  Job  location 
is  Stafford,  TX  and  various  unan¬ 
ticipated  locations,  individuals 
with  Masters  Degree  in  Manage¬ 
ment  Information  Systems, 
Computer  Science,  Mathemat¬ 
ics,  Business  Administration,  or 
Engineering;  and  2  years  experi¬ 
ence  as  CIS  Project  Manager, 
please  respond  with  resume  to: 
10701  Corporate  Drive,  Suite 
380,  Stafford,  TX  77477,  Attn  Mr. 
Tarte. 


For  over  20  years,  Syntel  employees  across  North  America,  Europe,  and  Asia 
have  helped  build  advanced  information  technology  systems  for  leading 
Fortune  500  companies  and  government  organizations  to  improve  their  effi¬ 
ciency  and  competitiveness.  Today,  Syntel  professionals  are  building 
rewarding  careers  by  providing  solutions  in  e-business,  CRM,  Web  Design 
and  Data  Warehousing.  Come  discover  why  Syntel  has  been  ranked  one  of 
“The  200  Best  Small  Companies  in  America"  for  the  last  four  years  in  a  row. 

Due  to  our  rapid  growth,  we  have  immediate,  full-time  opportunities  for  both 
entry-level  and  experienced  individuals  in  the  following  positions: 

Business  Development/ Account  Specialist 

Manage  Sales  activities  and  achieve  sales  quota  for  assigned  territory.  Help 
Syntel’s  sales  leadership  in  planning  and  rolling  out  an  inside  sales  strategy. 

Project  Leaders/Managers 

Train  and  manage  programmer  analysts  on  installation  and  configuration  of 
hardware  and  software  application,  as  well  as  be  responsible  for  project 
planning  an  quality  assurance. 

Programmers/ Analysts 

Analyze,  design,  develop,  test,  and  maintain  relational  database 
management  systems. 

The  above-mentioned  positions  should  possess  any 
of  the  following  skills: 


Mainframe 

•  IMS  DM/DC  or  DB2,  MVS/ESA, 
COBOL,  CICS 

DBA 

•  ORACLE  OR  SYBASE 

Client-Server/WEB 

•  Ab-initio 

•  Websphere 

•  Com/Dcom 

•  Web  Architects 

•  Datawarehousing 

•  Informix,  C  or  UNIX 

•  Oracle  Developer  or  Desiqner 
2000 

•  JAVA,  HTML,  Active  X 

•  Web  Commerce 

•  SAP/R3,  ABAP/4  or  FICO  or  MM 
&  SD 


•  Focus,  IDMS  OR  SAS 


DB2 


»  Oracle  Applications  &  Tools 

•  Lotus  Notes  Developer 

»  UNIX  System  Administrator 

•  UNIX,  C,  C++,  Visual  C++, 
CORBA,  OOD  or  OOPS 

•  WinNT 

•  Sybase,  Access  or  SQL  server 
»  PeopleSoft 

►  Visual  Basic 
»  PowerBuilder 
»  IEF 


We 


Some  positions  require  a  Bachelor's  degree,  others  a  Master’s  degree, 
also  accept  the  equivalent  of  the  degree  in  education  and  experience. 

With  Syntel  (NASDAQ:  SYNT),  you’ll  enjoy  excellent  compensation,  full  ben¬ 
efits,  employee  stock  purchase  plan  and  more.  Please  forward  your  resume 
and  salary  requirements  to:  Syntel,  Inc.,  Attn:  Recruiting  Manager-LD07,  525 
E.  Big  Beaver,  Suite  300,  Troy,  Ml  48083.  Phone:  248-619-2800;  Fax:  248- 
619-2888;  Equal  Opportunity  Employer. 


SVNirEL 

winfw.syntelinc.com 
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Mass.  Set  to  Restart  911  Rollout  After  Tragedy 


BY  MARC  L.  SONGINI 

he  state  of  Massa¬ 
chusetts  is  preparing 
to  restart  Verizon 
Communications 
Inc.’s  $75  million  implementa¬ 
tion  of  an  updated  911  emer¬ 
gency  system  after  a  software 
glitch  was  linked  to  a  delayed 
emergency  response  that  ulti¬ 
mately  ended  in  tragedy. 

The  rollout  to  public  safety 
operations  statewide  was  halt¬ 
ed  after  the  May  19  incident, 
when  a  911  call  in  Hopkinton 
failed  to  display  the  caller’s 
address  or  telephone  number 
for  emergency  personnel. 

That  feature  was  a  key  part 
of  the  system. 

By  the  time  Hopkinton  po¬ 
lice  and  fire  personnel  located 
the  caller’s  house,  the  person 
requesting  help  was  “unre¬ 


sponsive”  and  subsequently 
died,  according  to  a  statement 
by  Thomas  Irvin,  Hopkinton’s 
police  chief. 

The  911  system  in  question, 


called  Vesta,  was  made  by  call 
center  gear  provider  Plant 
Equipment  Inc.  in  Temecula, 
Calif.  The  vendor  referred  all 
questions  to  Verizon,  which 
was  contracted  by  Massachu¬ 
setts  to  install  the  system. 

The  state  is  installing  the 
new  system  largely  to  take  ad¬ 
vantage  of  its  ability  to  display 
the  location  of  cell  phone 
callers.  In  this  case,  though, 
the  911  call  was  made  from  a 
land  line. 

The  glitch  led  Verizon  and 
the  Massachusetts  Statewide 
Emergency  Telecommunica¬ 
tions  Board  (SETB)  to  stop  de¬ 
ploying  the  systems  until  the 
problem  was  fixed,  a  Verizon 
spokesman  said. 

Prior  to  the  troubled  May  19 
call,  the  system  had  been  in¬ 
stalled  in  14  so-called  public- 


safety  answering  points  in 
Massachusetts.  All  14  systems, 
which  have  remained  online, 
were  expected  to  have  re¬ 
ceived  the  software  modifica¬ 
tion  by  July  22,  according  to 
the  spokesman. 

Paul  Fahey,  executive  di¬ 
rector  of  the  SETB,  said  the 
agency  will  meet  early  next 
month  to  decide  whether  to  re¬ 
sume  the  work  of  installing  the 
rest  of  the  260  Vesta  systems. 

According  to  an  e-mail 
statement  from  Irvin,  Hopkin¬ 
ton  has  resumed  using  the 
new  system  under  a  close 
watch  by  officials.  The  in¬ 
stalled  systems  were  fixed  as 
part  of  a  maintenance  agree¬ 
ment  with  Verizon. 

The  Verizon  spokesman 
said  the  updated  911  system  in¬ 
cludes  a  redundancy  feature 


that  enables  users  to  retrieve 
information  by  other  means  if 
it’s  not  immediately  displayed 
on  their  terminals. 

However,  the  spokesman 
said,  “we  do  not  know  if  the 
information  for  this  particular 
call  appeared  on  the  backup 
systems.  We  don’t  have  any  di¬ 
agnostic  data  from  that  call.” 

Irvin  said  he  believes  the 
redundant  feature,  if  it  was  in 
place,  was  unavailable  to  users 
until  after  the  fix  was  released. 

The  Verizon  spokesman 
claimed  that  the  glitch  affect¬ 
ed  less  than  1%  of  911  calls 
placed  through  the  Vesta  sys¬ 
tems  installed  in  Massachu¬ 
setts.  0  55714 


MIAMI  911 


Florida’s  Miami-Dade  County  is  set  to  roll 
out  a  new  911  system  that  promises  closer 
links  to  other  county  applications: 

OQuickLink  55735 
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IT  Wages 

but  they  didn’t  all  agree  that 
increasing  costs  for  offshore 
IT  labor  are  a  significant  con¬ 
tributing  factor. 

“I  don’t  feel  that  increases 
of  offshore  salaries  are  the 
driver;  it’s  more  driven  by  lo¬ 
cal  economies  improving  and 
fewer  available  resources,” 
said  Denny  Brown,  CIO  at  Ari¬ 
zona  Public  Service  Co.  in 
Phoenix.  After  having  frozen 
IT  salaries  for  the  past  two 
years,  the  utility  company  is 
considering  a  moderate  pay 
increase  for  some  of  its  rough¬ 
ly  400  IT  workers,  Brown  said. 

A  report  released  last  week 
by  Foote  Partners  LLC,  a  New 
Canaan,  Conn.-based  market 
research  firm,  found  that  pay 
for  noncertified  and  certified 
technical  skills  has  risen  3.8% 
and  1.3%,  respectively,  through 
the  first  six  months  of  this  year. 

Pay  raises  this  year  have 
been  particularly  strong  for 
people  with  skills  in  operating 
systems  (up  8.2%),  networking 


and  internetworking  (up  5.1%), 
and  databases  (up  4.3%),  the 
report  said. 

The  results,  which  are  based 
on  a  survey  of  1,800  North 
American  and  European  orga¬ 
nizations  from  April  to  July  1, 
suggest  that  the  notion  that 
lower-cost  offshore  outsourc¬ 
ing  led  to  wage  deflation  for 
IT  workers  may  have  been 
overblown,  said  David  Foote, 
president  of  Foote  Partners. 

“There’s  no  doubt  about  the 
fact  that  offshoring  is  continu¬ 
ing  to  grow,”  Foote  said.  But 
many  organizations  “have  had 
less-than-ideal  experiences” 
with  offshore  outsourcing  and 
are  concerned  about  the  risks 
involved,  he  added. 

Supply  and  Demand 

Other  factors  contributing  to 
the  rise  in  domestic  IT  sal¬ 
aries  include  growth  in  corpo¬ 
rate  IT  project  portfolios  and 
additional  capital  available  to 
compensate  high-performing 
IT  workers,  said  Foote. 

Offshore  outsourcing  con¬ 
sultancy  neoIT  Inc.  has  also 
tracked  “moderate  growth”  in 


U.S.  IT  salaries,  said  Eugene 
Kublanov,  vice  president  of 
corporate  development  at  the 
San  Ramon,  Calif.-based  firm. 
But,  he  added,  the  higher 
salaries  being  paid  to  IT 
staffers  in  the  U.S.  are  the 
result  of  increased  demand, 


not  rising  offshore  wages. 

“Even  though  salaries  off¬ 
shore  are  rising  significantly 
in  some  locations,  the  base 
from  which  they  are  rising  still 
makes  offshore  resources 
quite  attractive  from  a  cost 
perspective,”  said  Kublanov. 


A  lack  of  U.S.  workers  with 
“higher-value  technical  skills” 
is  a  more  likely  reason  for  the 
changes  here,  he  said. 

A  tighter  job  market  is  mak¬ 
ing  it  particularly  tough  for 
Harrah’s  Entertainment  Inc.  to 
find  experienced  IT  project 
managers,  business  systems 
analysts,  data  warehousing 
managers  and  other  special¬ 
ists,  said  Tim  Stanley,  senior 
vice  president  and  CIO  at  the 
Las  Vegas-based  gaming  and 
hospitality  company.  Harrah’s 
is  looking  to  fill  25  to  35  IT  po¬ 
sitions,  he  said. 

Allan  McLaughlin,  senior 
vice  president  and  chief  tech¬ 
nology  officer  at  LexisNexis 
Group,  a  research  provider  in 
Dayton,  Ohio,  said  hiring  re¬ 
quests  for  IT  workers  are  get¬ 
ting  more  specific  —  another 
factor  contributing  to  compe¬ 
tition  for  technical  skills. 

LexisNexis  has  an  increased 
need  for  networking  special¬ 
ists  and  plans  to  expand  its 
five-person  IT  security  team 
to  nine  or  10  people  over 
the  next  six  months,  said 
McLaughlin.  ©  55722 


IT  Skills  Bonus  Pay 

Bonus  as  a  percentage  of  annual  salary 


IT  Skills 

Q2  ’03 

Q2  ’04 

Q2  ’05 

Networking  and 
internetworking 

6.6% 

6.5% 

7.1% 

Messaging,  e-mail 
and  groupware 

5.5% 

5.8% 

6% 

Enterprise 
apps  and  suites 

6.9% 

7.1% 

7.1% 

:  * 

App  development 
tools/languages 

6.5% 

6.6% 

7% 

Web/e-commerce 

development 

6.7% 

6.8% 

6.7% 

Databases 

7.7% 

6.9% 

aft- 

7.3% 

Operating  systems 

6% 

6% 

6.6% 

Ail  skills  surveyed 

6.7% 

6.6% 

6.9% 

Base:  1,800  North  American  and  European  employers 
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FUTURE 

TECHNOLOGY 

SEPTEMBER  19  -  21,  2005  HYATT  HUNTINGTON  BEACH  7  CALIFORNIA 


COME  AND  FEEL  THE  EXCITEMENT  LEVEL  RISE  TO  NEW  HEIGHTS. 
Join  today's  most  influential  technology  leaders  for  two  days 
of  ground-breaking  presentations  unveiling  the  innovative 
products  destined  to  change  the  marketplace.  Experience 
seventy  hand-picked  technologies  before  anyone  else.  DEMOfall 
2005  is  your  ticket  to  technology's  future  -  where  industry¬ 
shaping  ideas  turn  into  real  business  opportunities. 


DEMO  conferences  are  highly  regarded  as  the  can't  miss 
technology  events  of  the  year,  launching  exciting  new  products 
and  generating  millions  of  media  impressions.  Make  connections 
with  technology's  A-list  of  product  developers,  corporate 
executives,  venture  backers,  and  analysts.  Rub  elbows  with  top 
business  and  trade  journalists,  representing  outlets  such  as  CNN, 
the  Wall  Street  Journal,  Forbes,  New  York  Times,  USA  Today, 
Network  World,  and  InfoWorld.  This  single  event  is  guaranteed 
to  shape  your  future  with  new  information,  useful  contacts,  and 
a  renewed  energy. 


Register  now.  Save  $200. 

Sign  up  by  August  15  and  pay  $2,795. 
www.demo.com/F5A1  CW 
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$178B  of  Baloney 


THE  BREATHLESS  HEADLINE  on  the  press  release  reads: 

“$178  Billion  in  Employee  Productivity  Lost  in  the  U.S. 
Annually  Due  to  Internet  Misuse.”  Yow!  It  turns  out  that 
Web  sense,  which  sells  software  for  monitoring  and 
blocking  what  employees  do  on  the  Internet,  claims  that 
personal  use  of  the  Internet  on  company  time  is  “draining  employee 
output”  to  the  tune  of  $5,000  per  employee  per  year. 

Is  that  true?  Of  course  not.  It’s  baloney.  Never  mind  the  bizarre 
methodology  of  Websense’s  study,  which  includes  guesstimates  by 
IT  managers  to  come  up  with  that  $178  billion  number. 

Just  ask  yourself  this:  If  they  weren’t  on  the  Web,  would  those 
workers  actually  produce  more  “employee  output”? 


Nope.  Not  the  vast  majority  of  them,  anyway. 
Instead  of  reading  the  news  online,  they’d  be 
paging  through  a  newspaper.  Instead  of  check¬ 
ing  personal  e-mail  or  visiting  travel  or  shop¬ 
ping  sites,  they’d  be  handling  the  same  commu¬ 
nications  and  tasks  on  the  phone  or  during 
stretched-out  lunch  breaks.  They’d  just  be 
doing  it  less  efficiently. 

Let’s  face  it:  Employees  who  are  focused  on 
getting  their  work  done  don’t  need  some  sort  of 
electronic  nanny  to  make  sure  they  don’t  wan¬ 
der  off  into  the  weeds.  For  them,  the  Internet 
isn’t  a  distraction  —  it’s  a  tool. 

And  inveterate  slackers  who  are  focused  on 
wasting  time  will  do  that  regardless  —  whether 
it’s  on  the  Internet  or  at  the  water  cooler  or 
walking  around,  coffee  cup  in  hand. 

Management  knows  that.  CEOs  understand 
that  personal  Web  use  is  just  another  perk. 

Heck,  if  CEOs  actually  believed  they  could 
boost  productivity  by  $5,000  per  employee, 
they’d  slash  Internet  access  tomorrow.  Consid¬ 
er  Hewlett-Packard,  which  is  laying  off  14,500 
workers  in  hopes  of  chopping  $1  bil¬ 
lion  in  costs  next  year.  Do  you  think 
CEO  Mark  Hurd  wouldn’t  cut  Inter¬ 
net  access  to  HP  employees  if  he 
thought  that  would  instantly  gener¬ 
ate  an  extra  $725  million  for  HP’s 
bottom  line  and  increase  the  com¬ 
pany’s  net  income  by  20%? 

Of  course  he  would.  And  of  course 
he  won’t.  Because,  of  course,  it  won’t. 

So  who  is  this  “$178  billion” 
baloney  aimed  at?  Sad  to  say,  it’s 
aimed  at  people  in  corporate  IT. 

We’re  suckers  for  this  sort  of 
bunk.  Maybe  it’s  because  we’ve 


generated  so  many  bogus  ROI  calculations  our¬ 
selves.  Or  maybe  it’s  because  we’re  always  try¬ 
ing  to  improve  capacity  utilization,  which  is 
much  easier  than  increasing  user  productivity. 

But  micromanaging  machines  can  pay  off. 
Micromanaging  users  never  does. 

Besides,  we’ve  already  got  a  full  plate  of  real 
challenges  tied  to  users  and  the  Internet.  In 
comparison,  slapping  in  some  nannyware  and 
obsessing  over  what  Web  sites  to  block  and 
when  to  tattle  on  offenders  is  easy  and  fun. 

On  the  other  hand,  developing  a  useful,  acces¬ 
sible  e-mail  archive  is  hard.  Figuring  out  how  to 
track,  log  and  preserve  instant  messages  is  even 
more  difficult.  But  thanks  to  lawsuits  and  gov¬ 
ernment  regulations,  we  need  to  do  both. 

Spam  isn’t  getting  easier  to  handle.  Worms, 
viruses,  Trojans  and  spyware  are  getting  nasti¬ 
er.  Intruders  keep  getting  more  professional. 
Unprotected  home  PCs  that  employees  use  to 
log  into  our  networks  remain  a  nightmare.  Un¬ 
secured  wireless  access  points  —  in  the  office 
or  employees’  homes  —  are  even  worse. 

Those  are  all  real  problems  with 
real  potential  costs.  If  we  handle 
them  wrong,  they  really  can  drain 
employee  output.  And  they  can  cost 
a  lot  more  than  that  in  fines,  lost 
business  and  corporate  humiliation. 

So  let’s  forget  the  easy,  simple- 
minded  distractions.  Save  the  nan¬ 
nyware  for  kids.  Stay  focused  on 
helping  to  squeeze  more  real  pro¬ 
ductivity  out  of  the  way  employees 
use  the  Internet. 

And  let  self-inflated  vendors 
slice  their  own  baloney  —  all 
$178  billion  of  it.  ©  55701 


FRANK  HAYES,  Computef- 
world's  senior  news  colum¬ 
nist,  has  covered  IT  for  more 
than  20  years.  Contact  him  at 

frank_hayes@compirterworld.com. 


Yes,  That  Would  Explain  It 

Contractor  pilot  fish  working  at  a  big  suburban  water 
and  sewer  company  installs  a  user’s  new  PC,  and 
when  he  tests  the  e-mail  client,  he  discovers  more 
than  3,000  unread  messages.  Could  that  be  right?  “It 
is,”  user  tells  fish.  “When  I  started  here  a  few  years 
ago,  the  systems  people  set  me  up  with  an  e-mail  ac¬ 
count,  but  they  wouldn't  or  couldn’t  give  me  a  comput¬ 
er.  People  have  been  sending  me  messages  for  a  few 
years,  and  I’ve  never  read  or  replied  to  any  of  them.” 

How?  “All  she  gets 

Nasty  thunder-  SHARK  w^en  she  turns 

storm  takes  out  Si  III#  '  it  on  is  a  star 
I  ANfVW  screensaver.” 

Fish  walks  her 


this  company’s 
phones,  after 
which  support  pilot  fish 
soon  receives  an  e-mail 
from  a  departmental 
user:  “Cannot  obtain  a 
dial  tone  on  telephone 
internal  and/or  external. 
Please  call  me  at  exten¬ 
sion  1234  and  advise  the 
problem  so  I  can  inform 
other  employees  who 
are  having  the  same  is¬ 
sue  when  they  arrive 
this  morning.” 

Bad  Sign 

New  employee  at  this 
chemical  company  is  a 
highly  qualified  Ph.D.,  so 
IT  pilot  fish  figures  he 
shouldn’t  need  a  lot  of 
hand-holding.  “First 
thing  we  did  was  tell 
him  his  telephone  exten¬ 
sion  number,”  fish  re¬ 
ports.  “He  put  on  a  very 
strained  face  and  asked 
if  we  could  perhaps 
change  it  to  a  number 
that  was  easier  to  re¬ 
member.  I  couldn’t  stick 
around  when  the  discus¬ 
sion  moved  to  selecting 
network  passwords.” 

Screen-unsaver 

Laptop  user  on  a  road 
trip  calls  support  pilot 
fish.  “She  tried  to  turn 
her  laptop  on  after  hav¬ 
ing  let  it  fail  out  of  the 
overhead  bin,”  fish  says. 


through  some  trouble¬ 
shooting,  but  nothing 
helps,  so  he  tells  her 
to  ship  it  to  him.  “I  get 
the  package  next  day,” 
says  fish.  “The  LCD  is 
smashed,  right  in  the 
center  -  thus  creating  a 
starlike  effect.” 

They  Get  More? 

User  calls  help  desk  with 
a  data-entry  problem. 
“He  claims  the  applica¬ 
tion  is  penalizing  him  for 
trying  to  enter  17:75  in  a 
time  field,”  sighs  pilot 
fish.  “I  ask,  ‘How  many 
minutes  are  in  an  hour?’ 
User  responds,  ‘Sixty. 
But  I  thought  we  were 
supposed  to  enter  it  in 
military  time.’  ” 

Well,  No 

Sales  exec  buys  a  Blue¬ 
tooth-equipped  handheld 
device  on  her  own,  and 
pilot  fish  sets  up  the 
software  to  let  it  sync 
with  her  laptop.  “A  week 
later,  I  get  a  call  from 
her.  She  is  500  miles 
away  in  a  hotel  room, 
trying  to  sync  with  her 
laptop,”  fish  says.  “I  ask 
her  if  the  sync  software 
is  running  on  the  laptop. 
Her  reply:  ‘I’m  not  sure, 
can  you  check?  It’s  in 
my  office.’ " 


OSYNC  UP  WITH  SHARKY.  Send  me  your  true  tale  of 
IT  life  at  sharky@computerworld.com.  You'll  get  a 
stylish  Shark  shirt  if  I  use  it.  And  check  out  the  daily  feed, 
browse  the  Sharkives  and  sign  up  for  Shark  Tank  home 
delivery  at  computerworld.com/sharky. 


mmk 


(M2553 


i»!)  8S8SI 


.  mm 


Heather  Peck 

eBay  and  PayPal 
Systems  Engineering 


Buffy  Afendakis 

Sun,  Global  Account 
Manager 


USPS  Mail  Carrier 


Atmar  Reyes 

eBay  Community 
Specialist 


eBay  Seller 


Share  the  goods.  Looking  for  a  vintage  chrome  bumper?  An  avocado  green  blender?  You've  come  to  the  right  place,  •*’ 
More  than  147  million  buyers  and  sellers  have  gathered  together  to  make  eBay  the  world’s  online  marketplace-  ;  ^ 
and  create  a  serious  IT  challenge.  That’s  why  eBay  collaborated  with  Sun  to  ensure  unrivaled  scalability  and  availability, 
thanks  to  a  next-generation  architecture  powered  by  |ava’M  technology  and  running  on  Sun  Fire’"  servers.  It  helps 
eBay  bring  more  goods  to  more  people,  faster.  The  engine  is  the  masses.  The  network  is  the  computer.’”  Share.  : , 
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HITACHI 

Inspire  the  TSIext 
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We’re  inspired  by  the  human  side  of  data.  Digital  photography  is  more  than  just  jpeg  files.  It’s  sharing  a  grin 
with  Grandma.  It’s  sending  giggles  and  gurgles  to  aunts  and  uncles.  That’s  why  Hitachi  hard  disk  drives  are 
the  industry  choice  for  digital  cameras,  and  proud  parents.  From  the  smallest  Microdrive  to  the  largest  SAN 
solution,  Data  Storage  from  Hitachi. 


tachiyourdata.com 


